Close Open Privacy Scan

bolt Snapshot: commit def832f
science engine v1.5
schedule 2026-07-14T04:15:39.710974+00:00

verified_user Application data leak confirmed

High-confidence data exfiltration identified in application code.

smart_toy MCP server detected: chromadb, fastmcp, langchain, langchain-anthropic +8 more — detected in dependencies, not a safety judgment.

App Privacy Score

0 /100
High privacy risk — application leak confirmed

High risk · 6759 finding(s)

Dependency score: 0 (High risk)

bar_chart Score Breakdown

pii_flow −60
telemetry −25
egress −15
env_fs −3

list Scan Summary

321 high 2582 medium 3856 low
First-party packages: 7
Dependency packages: 99
Ecosystem: python

swap_horiz Confirmed data exfiltration in application code

External domains: %s10.0.0.1169.254.169.254192.168.0.10192.168.1.1account-iam.awsg.usge1.private.platform.ibmforusgov.comaccount-iam.awsg.usge1.private.platform.prep.ibmforusgov.comaccount-iam.platform.saas.ibm.comaccount-iam.platform.test.saas.ibm.comaccounts.google.comaclanthology.orgai.api.nvidia.comai.google.devaistudio.google.comalembic.sqlalchemy.organdroid.stackexchange.comap-south-1.aws.wxai.ibm.comapac.smith.langchain.comapiapi-inference.huggingface.coapi.agentql.comapi.aimlapi.comapi.anthropic.comapi.ap-south-1.aws.data.ibm.comapi.assemblyai.comapi.astra.datastax.comapi.au-syd.dai.cloud.ibm.comapi.ca-tor.dai.cloud.ibm.comapi.cloud.llamaindex.aiapi.cloudflare.comapi.cometapi.comapi.dai.dev.cloud.ibm.comapi.dai.ibmforusgov.comapi.dai.prep.ibmforusgov.comapi.dai.test.cloud.ibm.comapi.dataplatform.cloud.ibm.comapi.dataplatform.dev.cloud.ibm.comapi.dataplatform.test.cloud.ibm.comapi.deepseek.comapi.dev.aws.data.ibm.comapi.eu-de.dataplatform.cloud.ibm.comapi.eu-gb.dataplatform.cloud.ibm.comapi.exa.aiapi.firecrawl.devapi.fireworks.aiapi.github.comapi.groq.comapi.hub.langchain.comapi.jina.aiapi.jp-tok.dataplatform.cloud.ibm.comapi.langflow.storeapi.mistral.aiapi.morphllm.comapi.notdiamond.aiapi.notion.comapi.novita.aiapi.nvcf.nvidia.comapi.openai.comapi.pinecone.ioapi.reference.langfuse.comapi.sambanova.aiapi.scarf.shapi.search.brave.comapi.segment.ioapi.smith.langchain.comapi.tavily.comapi.test.aws.data.ibm.comapi.together.xyzapi.traceloop.comapi.unstructured.ioapi.us-east-1.aws.data.ibm.comapi.x.aiapp.assemblyai.comapp.comapp.langwatch.aiapp.neptune.aiapp.phoenix.arize.comapp.unstructured.ioapp.vlm.runarchive.orgarrow.apache.orgarxiv.orgasktom.oracle.comassemblyai.comastra.datastax.comattribution.omnilib.devau-syd.ml.cloud.ibm.comauai.orgauth.openai.comaws.amazon.comaws.smith.langchain.combayes.cs.ucla.edubedrock-mantlebeta.api.smith.langchain.combeta.smith.langchain.combetterexplained.combit.lybitbucket.orgbl.ocks.orgblog.alifaraji.irblog.ganssle.ioblogs.ams.orgblogs.msdn.comblogs.oracle.combooks.google.combost.ocks.orgboto3.amazonaws.combrandur.orgbrew.shbsonspec.orgbugs.jython.orgbugs.python.orgca-tor.ml.cloud.ibm.comcdn-media.huggingface.cocdn.britannica.comcdn.jsdelivr.netcdn.sprig.comcdnjs.cloudflare.comchardet.feedparser.orgchatgpt.comcheatsheetseries.owasp.orgchroma-onnx-models.s3.amazonaws.comchromium.googlesource.comciteseer.ist.psu.educiteseerx.ist.psu.educlear.mlclick.palletsprojects.comclip-cn-beijing.oss-cn-beijing.aliyuncs.comcloud.baidu.comcloud.google.comcloud.ibm.comcloud.langfuse.comcloud.llamaindex.aicloud.sambanova.aicode.activestate.comcode.djangoproject.comcode.google.comcodewithoutrules.comcohere.comcole-maclean.github.iocollaboration.cmc.ec.gc.cacommonmark.orgconnectivity-matrix.us-south.cf.test.appdomain.cloudconsoleconsole.anthropic.comconsole.cloud.google.comconsole.groq.comcontroller.apicookbook.openai.comcourses.cs.ut.eecr-api.icosacomputing.comcran.r-project.orgcreativecommons.orgcrypto.cs.mcgill.cacryptography.iocustom-endpoint.comcvsweb.openwall.comcx-oracle.readthedocs.iocython.orgd3js.orgdagshub.comdata-apis.orgdatabase.windows.netdataplatform.cloud.ibm.comdatastax.github.iodatatracker.ietf.orgdbpubs.stanford.edudeno.landdeplotdev.agentql.comdev.aws.wxai.ibm.comdev.mysql.comdev.smith.langchain.comdevelop.sentry.devdeveloper.android.comdeveloper.apple.comdeveloper.mozilla.orgdevelopers.cloudflare.comdevelopers.google.comdevelopers.googleblog.comdevelopers.home-assistant.iodevelopers.notion.comdevelopers.openai.comdiscord.comdiscord.ggdiscuss.ai.google.devdiscuss.huggingface.codiscuss.python.orgdiscuss.pytorch.orgdjangosnippets.orgdl.acm.orgdochub.mongodb.orgdockerdocling-project.github.iodocs.agentql.comdocs.aimlapi.comdocs.apify.comdocs.atlas.mongodb.comdocs.aws.amazon.comdocs.bodo.aidocs.cloud.google.comdocs.cohere.comdocs.composio.devdocs.contextual.aidocs.crewai.comdocs.datastax.comdocs.docker.comdocs.firecrawl.devdocs.google.comdocs.langchain.comdocs.langflow.orgdocs.langwatch.aidocs.litellm.aidocs.litestar.devdocs.microsoft.comdocs.mistral.aidocs.needle-ai.comdocs.neptune.aidocs.nomic.aidocs.notdiamond.aidocs.nvidia.comdocs.olivya.iodocs.ollama.comdocs.perplexity.aidocs.pydantic.devdocs.pytest.orgdocs.python-requests.orgdocs.python.orgdocs.pytorch.orgdocs.ray.iodocs.rsdocs.sambanova.aidocs.scipy.orgdocs.scrapegraphai.comdocs.sentry.iodocs.smith.langchain.comdocs.sqlalchemy.orgdocs.swanlab.cndocs.tavily.comdocs.together.aidocs.trychroma.comdocs.twisted.orgdocs.unstructured.iodocs.vectara.comdocs.vllm.aidocs.vlm.rundocs.wandb.aidocs.weaviate.iodocs.zilliz.comdoes-not-existdoi.acm.orgdoi.orgdownload.oracle.comdrive.google.comduck.comduckdb.orgdvc.orgdx.doi.orgdynaconf.comeccc.hpi-web.deeclectic.ss.uci.eduelastic.coelasticsearch-py.readthedocs.ioeli.thegreenplace.netembed.trychroma.comembeddingen.wikibooks.orgen.wikipedia.orgen.wikiversity.orgepubs.siam.orgepydoc.sourceforge.neterrors.pydantic.deves.wikipedia.orgessentia.upf.edueu-de.ml.cloud.ibm.comeu-gb.ml.cloud.ibm.comeu.smith.langchain.comexam_ple.comexample-resource.azure.openai.comexample.url.comexamples.comexcalidraw.comexport.arxiv.orgexslt.orgfarm4.staticflickr.comfastapi.tiangolo.comflyte.orgfonts.googleapis.comfoofoo.comforms.gleforum.md5decrypter.co.ukfoss.heptapod.netfoundation.wikimedia.orgfr.wikipedia.orgfreedesktop.orgfxr.googlebit.comg11n-pipeline-api.straker.globalgateway.ai.cloudflare.comgeneradordni.esgenerativelanguage.googleapis.comgephi.orggexf.netgiou.stanford.edugist.github.comgithub.comgitlab.comgoo.glgoogle-auth.readthedocs.iogoogle.aip.devgoogle.comgoogle.serper.devgoogleapis.devgoogleapis.github.iographml.graphdrawing.orggrpc.github.ioguillaumejaume.github.iohal.archives-ouvertes.frhaproxy.1wt.euhdl.handle.nethelp.cleanlab.aihelp.openai.comhf.cohg.mozilla.orghg.python.orghips.hearstapps.comholoviews.orghomepages.dcc.ufmg.brhookshost.docker.internalhostnamehrcak.srce.hrhtml.duckduckgo.comhtml.spec.whatwg.orghttpbin.orghttpd.apache.orghttpwg.orghub-ci.huggingface.cohuggingface.cohypothesis.readthedocs.ioi.postimg.cciam.bluemix.netiam.cloud.ibm.comiam.platform.saas.ibm.comiam.stage1.bluemix.netiam.test.cloud.ibm.comibm-nginx-svcibm-watson-ml.eu-gb.bluemix.netibm-watson-ml.mybluemix.netibm.comicml.ccid.atlassian.comieeexplore.ieee.orgimages.cocodataset.orgimages.pexels.comimg.youtube.comin03-ba4234asae.api.gcp-us-west1.zillizcloud.cominfer.roboflow.cominference.do-ai.runintegrate.api.nvidia.cominternal.api.dai.ibmforusgov.cominternal.api.dai.prep.ibmforusgov.comiopscience.iop.orgipython.readthedocs.ioissues.apache.orgiuuk.mff.cuni.czjgaa.infojigsawstack.comjina.aijinja.palletsprojects.comjirajmlr.csail.mit.edujournals.aps.orgjournals.plos.orgjp-tok.ml.cloud.ibm.comjponnela.comjson-schema.orgjsonlines.orgjsonpatch.comjsonquerylang.orgkexue.fmlangchain-ai.github.iolangflow.gateway.scarf.shlangflow.orglangfuse.comlearn.microsoft.comlegacy.python.orglink.aps.orglink.springer.comlite.duckduckgo.comlmstudio.ailocalhost.tiangolo.comlogin.microsoftonline.comlxr.mozilla.orgmagicstack.github.iomail.google.commanagement.azure.commanual.cytoscape.orgmaps.googleapis.commarc.najork.orgmath.berkeley.edumath.mit.edumath.stackexchange.commath.wvu.edumathworld.wolfram.commembers.loria.frmermaid.inkmermaid.js.orgmeta.wikimedia.orgmetadatametadata.google.internalmicrosoft.github.iomilvusmilvus.iomistralai.github.iomodal.commodel-spec.openai.commodelcontextprotocol.iomodels.devmongodb.commootmsdn.microsoft.commsg.pyyaml.orgmultiprocess.rtfd.iomy-api.commy-phoenix.commypy.readthedocs.iomyreponats.ionetworkx.lanl.govnetworkx.orgnews.google.comnineplanets.orgnlp.stanford.eduns.adobe.comnumba.readthedocs.ionumexpr.readthedocs.ionumpy.orgnumpydoc.readthedocs.iooauth2.googleapis.comoeis.orgoffice.microsoft.comofficeopenxml.comollama.comomoindrot.github.ioonlinelibrary.wiley.comonnxruntime.aiopenai.comopenai.github.ioopenproceedings.orgopenreview.netopenrouter.aiopensearchopensource.adobe.comopensource.orgopentelemetry.iooptuna.readthedocs.iooracle.github.iooss.redis.comotlp.arize.compackaging.python.orgpaddle-model-ecology.bj.bcebos.compandas.pydata.orgparquet.apache.orgpasslib.readthedocs.iopbs.twimg.compendulum.eustace.iopenghao-bdsc.github.iopeps.python.orgpgp.mit.eduphone.olivya.iopiblpmmdsiknacjnm1ltla.c1.europe-west3.gcp.weaviate.cloudpillow.readthedocs.iopip.pypa.iopkg.go.devplatform.claude.complatform.openai.comportal.acm.orgportswigger.netpresbrey.mit.eduprimary.endpointprivate.ap-south-1.aws.wxai.ibm.comprivate.api.au-syd.dai.cloud.ibm.comprivate.api.ca-tor.dai.cloud.ibm.comprivate.api.dai.dev.cloud.ibm.comprivate.api.dai.test.cloud.ibm.comprivate.api.dataplatform.cloud.ibm.comprivate.api.dataplatform.dev.cloud.ibm.comprivate.api.dataplatform.test.cloud.ibm.comprivate.api.eu-de.dataplatform.cloud.ibm.comprivate.api.eu-gb.dataplatform.cloud.ibm.comprivate.api.jp-tok.dataplatform.cloud.ibm.comprivate.au-syd.ml.cloud.ibm.comprivate.ca-tor.ml.cloud.ibm.comprivate.dev.aws.wxai.ibm.comprivate.eu-de.ml.cloud.ibm.comprivate.eu-gb.ml.cloud.ibm.comprivate.internal.wxai.ibmforusgov.comprivate.internal.wxai.prep.ibmforusgov.comprivate.jp-tok.ml.cloud.ibm.comprivate.test.aws.wxai.ibm.comprivate.us-east-1.aws.wxai.ibm.comprivate.us-south.ml.cloud.ibm.comprivate.us-south.ml.test.cloud.ibm.comprivate.wml-fvt.ml.test.cloud.ibm.comprivate.wml-mcsp-dev.ml.test.cloud.ibm.comprivate.wxai-qa.ml.cloud.ibm.comprivate.wxai.ibmforusgov.comprivate.wxai.prep.ibmforusgov.comprivate.yp-cr.ml.cloud.ibm.comprivate.yp-qa.ml.cloud.ibm.comproceedings.neurips.ccprogrammablesearchengine.google.comprometheus.iopub.ist.ac.atpublic.ukp.informatik.tu-darmstadt.depubs.opengroup.orgpurl.orgpushgateway.localpydantic-docs.helpmanual.iopygments.orgpygraphviz.github.iopyjwt.readthedocs.iopymongo.readthedocs.iopymysql.readthedocs.iopyos.github.iopypdf.readthedocs.iopyperclip.readthedocs.iopypi.orgpypi.python.orgpypika.readthedocs.iopython-devtools.helpmanual.iopython-oracledb.readthedocs.iopython-patterns.guidepython.langchain.compython.orgpytorch.orgpytube.iopyyaml.orgqdrant.github.ioqdrant.techqianwen-res.oss-cn-beijing.aliyuncs.comqwenlm.github.ioraw.githubusercontent.comredis.comredis.ioredis.readthedocs.ioredisearch.ioreference.langchain.comrefspecs.linuxfoundation.orgrequests.readthedocs.iorevrich.readthedocs.iorosettacode.orgrrc.cvc.uab.esrussellfunk.orgs3s3-api.us-geo.objectstorage.service.networklayer.coms3-api.us-geo.objectstorage.softlayer.nets3.amazonaws.comsafetensors-convert.hf.spacesambanova.aisariyuce.comsbert.netschemasschemas.langflow.orgschemas.microsoft.comschemas.openxmlformats.orgscipy.orgscrapethis.comsecondary.endpointsemver.orgsentry.ioserpapi.comsethmlarson.devsetuptools.pypa.iositesites.cs.ucsb.edusmith.langchain.comsome-cohere-baseurl.aisome-url.comsourceforge.netspark.apache.orgspdx.devspecifications.freedesktop.orgspecs.frictionlessdata.iospider.cloudsqlalche.mesqlite.orgstackoverflow.comstarlite-api.github.iostorage.googleapis.comstreamlinehq.comsuno-ai.notion.sitesupport.google.comsupport.langchain.comsupport.sas.comswagger.ioswanlab.cnsync.assemblyai.comtechnet.microsoft.comtechspot.zzzeek.orgtest.aws.wxai.ibm.comtest.cloud.ibm.comtest.pypi.orgthumbs.dreamstime.comtikatikz.devtimeapi.iotools.ietf.orgtwisted.orgtwitter.comtyper.tiangolo.comuefa.comunicode.orgunpkg.comupload.pypi.orgupload.wikimedia.orguqfoundation.github.iourl1url2urllib3.readthedocs.ious-documentai.googleapis.comus-east-1.aws.wxai.ibm.comus-south.ml.cloud.ibm.comus-south.ml.test.cloud.ibm.comus.generation-nt.comusers.cecs.anu.edu.auvalidate-pyproject.readthedocs.iovcrpy.readthedocs.iovideolectures.netviews.scientific-python.orgvisualstudio.microsoft.comvlado.fmf.uni-lj.sivowpalwabbit.orgw.wikiw3.orgweaviate.ioweb.archive.orgweb.eecs.utk.eduweb.math.princeton.eduweb.mit.eduwebsockets.readthedocs.iowheel.readthedocs.iowiki.centos.orgwml-fvt.ml.test.cloud.ibm.comwml-mcsp-dev.ml.test.cloud.ibm.comwuecampus2.uni-wuerzburg.dewwwwww-cs-faculty.stanford.eduwww-cs-students.stanford.eduwww-personal.umich.eduwww.aclweb.orgwww.aiim.orgwww.algorithmic-solutions.infowww.analytictech.comwww.anthropic.comwww.apache.orgwww.assemblyai.comwww.bing.comwww.blevesearch.comwww.combinatorics.orgwww.comet.comwww.coolmath.comwww.cs.cmu.eduwww.cs.cornell.eduwww.cs.purdue.eduwww.cs.technion.ac.ilwww.cs.umd.eduwww.cs.uu.nlwww.cse.msu.eduwww.deepmind.comwww.dvc.orgwww.dynaconf.comwww.dynamic.net.auwww.eff.orgwww.elastic.cowww.example.珠宝www.faqs.orgwww.fim.uni-passau.dewww.freedesktop.orgwww.freetds.orgwww.gevent.orgwww.gexf.netwww.github.comwww.googleapis.comwww.graphdegeneracy.orgwww.graphviz.orgwww.haproxy.orgwww.iana.orgwww.ibm.comwww.ics.uci.eduwww.ietf.orgwww.ilankelman.orgwww.in-ulm.dewww.informatik.uni-augsburg.dewww.iso.orgwww.jmlr.orgwww.jstor.orgwww.kxan.comwww.langchain.comwww.langflow.orgwww.math.uchicago.eduwww.math.ucsd.eduwww.mdpi.comwww.microsoft.comwww.mindrot.orgwww.mlflow.orgwww.mongodb.comwww.nature.comwww.numberanalytics.comwww.openbsd.orgwww.openssl.orgwww.openwall.comwww.opm.govwww.oracle.comwww.oreilly.comwww.owasp.orgwww.paddleocr.aiwww.patterns.appwww.pcre.orgwww.pnas.orgwww.postgresql.orgwww.psycopg.orgwww.pyopenssl.orgwww.python-httpx.orgwww.python.orgwww.red-dove.comwww.researchgate.netwww.rfc-editor.orgwww.santafe.eduwww.santofortunato.netwww.sbert.netwww.scielo.brwww.sciencedirect.comwww.searchapi.iowww.sqlite.orgwww.starlette.devwww.stata.comwww.stats.ox.ac.ukwww.statsmodels.orgwww.structlog.orgwww.sympy.orgwww.tensorflow.orgwww.textualize.iowww.theregister.co.ukwww.together.aiwww.unicode.orgwww.w3.orgwww.w3schools.comwww.wandb.comwww.weaviate.iowww.wikidata.orgwww.win.tue.nlwww.xudongz.comwww.youtube.comwww.yworks.comwww.zetetic.netwww.аррӏе.comwww2.asanet.orgwxai-qa.ml.cloud.ibm.comwxai.ibmforusgov.comwxai.prep.ibmforusgov.comx.comxarray.pydata.orgxlrd.readthedocs.ioxxx.openai.azure.comyahoo.comyaml.orgyaml.readthedocs.ioyour-endpoint.openai.azure.comyour-valid-image-url.pngyourhost.comyoutu.beyoutube.comyoutube.googleapis.comyp-cr.ml.cloud.ibm.comyp-qa.ml.cloud.ibm.com

high firecrawl-py User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
pkgs/python/[email protected]/firecrawl/__tests__/e2e/v2/conftest.py:10 pkgs/python/[email protected]/firecrawl/__tests__/e2e/v2/conftest.py:20
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/docs/API-Reference/python-examples/api-build/build-flow-and-stream-events-2.py:5 repo/docs/docs/API-Reference/python-examples/api-build/build-flow-and-stream-events-2.py:12
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/docs/API-Reference/python-examples/api-build/build-flow-and-stream-events-3.py:5 repo/docs/docs/API-Reference/python-examples/api-build/build-flow-and-stream-events-3.py:15
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/docs/API-Reference/python-examples/api-build/build-flow-and-stream-events.py:5 repo/docs/docs/API-Reference/python-examples/api-build/build-flow-and-stream-events.py:15
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/docs/API-Reference/python-examples/api-build/override-flow-parameters.py:5 repo/docs/docs/API-Reference/python-examples/api-build/override-flow-parameters.py:18
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/docs/API-Reference/python-examples/api-build/set-start-and-stop-points.py:5 repo/docs/docs/API-Reference/python-examples/api-build/set-start-and-stop-points.py:15
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/docs/API-Reference/python-examples/api-files/delete-all-files-v2.py:5 repo/docs/docs/API-Reference/python-examples/api-files/delete-all-files-v2.py:12
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/docs/API-Reference/python-examples/api-files/delete-file-v1.py:6 repo/docs/docs/API-Reference/python-examples/api-files/delete-file-v1.py:14
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/docs/API-Reference/python-examples/api-files/delete-file-v2.py:5 repo/docs/docs/API-Reference/python-examples/api-files/delete-file-v2.py:12
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/docs/API-Reference/python-examples/api-files/download-file-v1.py:7 repo/docs/docs/API-Reference/python-examples/api-files/download-file-v1.py:16
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/docs/API-Reference/python-examples/api-files/download-file-v1.py:7 repo/docs/docs/API-Reference/python-examples/api-files/download-file-v1.py:26
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/docs/API-Reference/python-examples/api-files/download-file-v2.py:7 repo/docs/docs/API-Reference/python-examples/api-files/download-file-v2.py:15
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/docs/API-Reference/python-examples/api-files/download-file-v2.py:7 repo/docs/docs/API-Reference/python-examples/api-files/download-file-v2.py:24
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/docs/API-Reference/python-examples/api-files/edit-file-name-v2.py:8 repo/docs/docs/API-Reference/python-examples/api-files/edit-file-name-v2.py:16
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/docs/API-Reference/python-examples/api-files/edit-file-name-v2.py:8 repo/docs/docs/API-Reference/python-examples/api-files/edit-file-name-v2.py:28
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/docs/API-Reference/python-examples/api-files/list-files-v1.py:5 repo/docs/docs/API-Reference/python-examples/api-files/list-files-v1.py:12
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/docs/API-Reference/python-examples/api-files/list-files-v2.py:5 repo/docs/docs/API-Reference/python-examples/api-files/list-files-v2.py:12
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/docs/API-Reference/python-examples/api-files/send-files-to-your-flows-v2-2.py:5 repo/docs/docs/API-Reference/python-examples/api-files/send-files-to-your-flows-v2-2.py:21
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/docs/API-Reference/python-examples/api-files/send-files-to-your-flows-v2.py:5 repo/docs/docs/API-Reference/python-examples/api-files/send-files-to-your-flows-v2.py:16
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/docs/API-Reference/python-examples/api-files/upload-file-v1.py:5 repo/docs/docs/API-Reference/python-examples/api-files/upload-file-v1.py:16
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/docs/API-Reference/python-examples/api-files/upload-file-v2-2.py:5 repo/docs/docs/API-Reference/python-examples/api-files/upload-file-v2-2.py:16
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/docs/API-Reference/python-examples/api-files/upload-file-v2.py:5 repo/docs/docs/API-Reference/python-examples/api-files/upload-file-v2.py:12
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/docs/API-Reference/python-examples/api-files/upload-image-files-v1-2.py:7 repo/docs/docs/API-Reference/python-examples/api-files/upload-image-files-v1-2.py:16
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/docs/API-Reference/python-examples/api-files/upload-image-files-v1-2.py:7 repo/docs/docs/API-Reference/python-examples/api-files/upload-image-files-v1-2.py:24
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/docs/API-Reference/python-examples/api-files/upload-image-files-v1.py:5 repo/docs/docs/API-Reference/python-examples/api-files/upload-image-files-v1.py:15
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/docs/API-Reference/python-examples/api-flows-run/pass-global-variables-in-request-headers.py:5 repo/docs/docs/API-Reference/python-examples/api-flows-run/pass-global-variables-in-request-headers.py:22
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/docs/API-Reference/python-examples/api-flows-run/request-example-with-all-headers-and-parameters.py:5 repo/docs/docs/API-Reference/python-examples/api-flows-run/request-example-with-all-headers-and-parameters.py:23
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/docs/API-Reference/python-examples/api-flows-run/run-flow.py:5 repo/docs/docs/API-Reference/python-examples/api-flows-run/run-flow.py:24
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/docs/API-Reference/python-examples/api-flows-run/stream-llm-token-responses.py:5 repo/docs/docs/API-Reference/python-examples/api-flows-run/stream-llm-token-responses.py:15
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/docs/API-Reference/python-examples/api-flows-run/webhook-run-flow.py:5 repo/docs/docs/API-Reference/python-examples/api-flows-run/webhook-run-flow.py:16
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/docs/API-Reference/python-examples/api-flows/create-flow.py:5 repo/docs/docs/API-Reference/python-examples/api-flows/create-flow.py:27
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/docs/API-Reference/python-examples/api-flows/create-flows.py:6 repo/docs/docs/API-Reference/python-examples/api-flows/create-flows.py:26
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/docs/API-Reference/python-examples/api-flows/delete-flow.py:5 repo/docs/docs/API-Reference/python-examples/api-flows/delete-flow.py:10
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/docs/API-Reference/python-examples/api-flows/delete-flow.py:5 repo/docs/docs/API-Reference/python-examples/api-flows/delete-flow.py:23
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/docs/API-Reference/python-examples/api-flows/export-flows.py:5 repo/docs/docs/API-Reference/python-examples/api-flows/export-flows.py:17
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/docs/API-Reference/python-examples/api-flows/export-flows.py:5 repo/docs/docs/API-Reference/python-examples/api-flows/export-flows.py:33
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/docs/API-Reference/python-examples/api-flows/export-flows.py:5 repo/docs/docs/API-Reference/python-examples/api-flows/export-flows.py:40
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/docs/API-Reference/python-examples/api-flows/import-flows.py:5 repo/docs/docs/API-Reference/python-examples/api-flows/import-flows.py:16
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/docs/API-Reference/python-examples/api-flows/read-flow.py:5 repo/docs/docs/API-Reference/python-examples/api-flows/read-flow.py:12
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/docs/API-Reference/python-examples/api-flows/read-flows-2.py:5 repo/docs/docs/API-Reference/python-examples/api-flows/read-flows-2.py:12
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/docs/API-Reference/python-examples/api-flows/read-flows.py:5 repo/docs/docs/API-Reference/python-examples/api-flows/read-flows.py:12
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/docs/API-Reference/python-examples/api-flows/read-sample-flows.py:5 repo/docs/docs/API-Reference/python-examples/api-flows/read-sample-flows.py:12
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/docs/API-Reference/python-examples/api-flows/update-flow.py:6 repo/docs/docs/API-Reference/python-examples/api-flows/update-flow.py:18
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/docs/API-Reference/python-examples/api-logs/retrieve-logs-with-optional-parameters.py:5 repo/docs/docs/API-Reference/python-examples/api-logs/retrieve-logs-with-optional-parameters.py:12
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/docs/API-Reference/python-examples/api-logs/stream-logs.py:5 repo/docs/docs/API-Reference/python-examples/api-logs/stream-logs.py:13
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/docs/API-Reference/python-examples/api-monitor/delete-messages-by-session.py:5 repo/docs/docs/API-Reference/python-examples/api-monitor/delete-messages-by-session.py:12
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/docs/API-Reference/python-examples/api-monitor/delete-messages.py:6 repo/docs/docs/API-Reference/python-examples/api-monitor/delete-messages.py:12
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/docs/API-Reference/python-examples/api-monitor/delete-messages.py:6 repo/docs/docs/API-Reference/python-examples/api-monitor/delete-messages.py:27
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/docs/API-Reference/python-examples/api-monitor/delete-vertex-builds.py:5 repo/docs/docs/API-Reference/python-examples/api-monitor/delete-vertex-builds.py:12
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/docs/API-Reference/python-examples/api-monitor/example-request.py:5 repo/docs/docs/API-Reference/python-examples/api-monitor/example-request.py:9
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/docs/API-Reference/python-examples/api-monitor/get-messages-2.py:5 repo/docs/docs/API-Reference/python-examples/api-monitor/get-messages-2.py:12
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/docs/API-Reference/python-examples/api-monitor/get-messages.py:5 repo/docs/docs/API-Reference/python-examples/api-monitor/get-messages.py:12
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/docs/API-Reference/python-examples/api-monitor/get-transactions.py:5 repo/docs/docs/API-Reference/python-examples/api-monitor/get-transactions.py:12
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/docs/API-Reference/python-examples/api-monitor/get-vertex-builds.py:5 repo/docs/docs/API-Reference/python-examples/api-monitor/get-vertex-builds.py:12
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/docs/API-Reference/python-examples/api-monitor/update-message.py:5 repo/docs/docs/API-Reference/python-examples/api-monitor/update-message.py:11
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/docs/API-Reference/python-examples/api-monitor/update-message.py:5 repo/docs/docs/API-Reference/python-examples/api-monitor/update-message.py:26
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/docs/API-Reference/python-examples/api-monitor/update-session-id.py:5 repo/docs/docs/API-Reference/python-examples/api-monitor/update-session-id.py:11
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/docs/API-Reference/python-examples/api-monitor/update-session-id.py:5 repo/docs/docs/API-Reference/python-examples/api-monitor/update-session-id.py:26
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/docs/API-Reference/python-examples/api-openai-responses/continue-conversations-with-response-and-session-ids-2.py:9 repo/docs/docs/API-Reference/python-examples/api-openai-responses/continue-conversations-with-response-and-session-ids-2.py:26
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/docs/API-Reference/python-examples/api-openai-responses/continue-conversations-with-response-and-session-ids-3.py:8 repo/docs/docs/API-Reference/python-examples/api-openai-responses/continue-conversations-with-response-and-session-ids-3.py:25
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/docs/API-Reference/python-examples/api-openai-responses/continue-conversations-with-response-and-session-ids.py:5 repo/docs/docs/API-Reference/python-examples/api-openai-responses/continue-conversations-with-response-and-session-ids.py:22
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/docs/API-Reference/python-examples/api-openai-responses/example-request.py:5 repo/docs/docs/API-Reference/python-examples/api-openai-responses/example-request.py:14
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/docs/API-Reference/python-examples/api-openai-responses/example-streaming-request.py:5 repo/docs/docs/API-Reference/python-examples/api-openai-responses/example-streaming-request.py:14
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/docs/API-Reference/python-examples/api-openai-responses/pass-global-variables-to-your-flows-in-headers.py:5 repo/docs/docs/API-Reference/python-examples/api-openai-responses/pass-global-variables-to-your-flows-in-headers.py:17
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/docs/API-Reference/python-examples/api-openai-responses/retrieve-tool-call-results.py:5 repo/docs/docs/API-Reference/python-examples/api-openai-responses/retrieve-tool-call-results.py:23
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/docs/API-Reference/python-examples/api-openai-responses/token-usage-tracking.py:5 repo/docs/docs/API-Reference/python-examples/api-openai-responses/token-usage-tracking.py:14
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/docs/API-Reference/python-examples/api-projects/create-project-2.py:5 repo/docs/docs/API-Reference/python-examples/api-projects/create-project-2.py:20
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/docs/API-Reference/python-examples/api-projects/create-project.py:5 repo/docs/docs/API-Reference/python-examples/api-projects/create-project.py:14
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/docs/API-Reference/python-examples/api-projects/delete-project.py:5 repo/docs/docs/API-Reference/python-examples/api-projects/delete-project.py:10
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/docs/API-Reference/python-examples/api-projects/delete-project.py:5 repo/docs/docs/API-Reference/python-examples/api-projects/delete-project.py:24
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/docs/API-Reference/python-examples/api-projects/export-a-project.py:5 repo/docs/docs/API-Reference/python-examples/api-projects/export-a-project.py:12
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/docs/API-Reference/python-examples/api-projects/import-a-project.py:6 repo/docs/docs/API-Reference/python-examples/api-projects/import-a-project.py:16
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/docs/API-Reference/python-examples/api-projects/read-project.py:5 repo/docs/docs/API-Reference/python-examples/api-projects/read-project.py:12
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/docs/API-Reference/python-examples/api-projects/read-projects.py:5 repo/docs/docs/API-Reference/python-examples/api-projects/read-projects.py:12
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/docs/API-Reference/python-examples/api-projects/update-project.py:6 repo/docs/docs/API-Reference/python-examples/api-projects/update-project.py:17
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/docs/API-Reference/python-examples/api-reference-api-examples/form-langflow-api-requests.py:5 repo/docs/docs/API-Reference/python-examples/api-reference-api-examples/form-langflow-api-requests.py:22
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/docs/API-Reference/python-examples/api-reference-api-examples/get-all-components.py:5 repo/docs/docs/API-Reference/python-examples/api-reference-api-examples/get-all-components.py:12
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/docs/API-Reference/python-examples/api-reference-api-examples/get-configuration.py:5 repo/docs/docs/API-Reference/python-examples/api-reference-api-examples/get-configuration.py:12
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/docs/API-Reference/python-examples/api-reference-api-examples/get-version.py:5 repo/docs/docs/API-Reference/python-examples/api-reference-api-examples/get-version.py:11
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/docs/API-Reference/python-examples/api-reference-api-examples/health-check.py:5 repo/docs/docs/API-Reference/python-examples/api-reference-api-examples/health-check.py:11
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/docs/API-Reference/python-examples/api-users/add-user.py:6 repo/docs/docs/API-Reference/python-examples/api-users/add-user.py:16
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/docs/API-Reference/python-examples/api-users/delete-user.py:6 repo/docs/docs/API-Reference/python-examples/api-users/delete-user.py:11
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/docs/API-Reference/python-examples/api-users/delete-user.py:6 repo/docs/docs/API-Reference/python-examples/api-users/delete-user.py:20
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/docs/API-Reference/python-examples/api-users/get-current-user.py:5 repo/docs/docs/API-Reference/python-examples/api-users/get-current-user.py:12
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/docs/API-Reference/python-examples/api-users/list-all-users.py:5 repo/docs/docs/API-Reference/python-examples/api-users/list-all-users.py:12
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/docs/API-Reference/python-examples/api-users/reset-password.py:5 repo/docs/docs/API-Reference/python-examples/api-users/reset-password.py:10
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/docs/API-Reference/python-examples/api-users/reset-password.py:5 repo/docs/docs/API-Reference/python-examples/api-users/reset-password.py:17
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/docs/API-Reference/python-examples/api-users/update-user.py:5 repo/docs/docs/API-Reference/python-examples/api-users/update-user.py:10
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/docs/API-Reference/python-examples/api-users/update-user.py:5 repo/docs/docs/API-Reference/python-examples/api-users/update-user.py:16
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/docs/API-Reference/python-examples/workflows-api/example-asynchronous-request.py:5 repo/docs/docs/API-Reference/python-examples/workflows-api/example-asynchronous-request.py:18
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/docs/API-Reference/python-examples/workflows-api/example-request-2.py:5 repo/docs/docs/API-Reference/python-examples/workflows-api/example-request-2.py:11
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/docs/API-Reference/python-examples/workflows-api/example-request-2.py:5 repo/docs/docs/API-Reference/python-examples/workflows-api/example-request-2.py:20
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/docs/API-Reference/python-examples/workflows-api/example-request.py:5 repo/docs/docs/API-Reference/python-examples/workflows-api/example-request.py:11
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/docs/API-Reference/python-examples/workflows-api/example-synchronous-request.py:5 repo/docs/docs/API-Reference/python-examples/workflows-api/example-synchronous-request.py:22
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-build/build-flow-and-stream-events-2.py:5 repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-build/build-flow-and-stream-events-2.py:12
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-build/build-flow-and-stream-events-3.py:5 repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-build/build-flow-and-stream-events-3.py:15
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-build/build-flow-and-stream-events.py:5 repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-build/build-flow-and-stream-events.py:15
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-build/override-flow-parameters.py:5 repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-build/override-flow-parameters.py:18
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-build/set-start-and-stop-points.py:5 repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-build/set-start-and-stop-points.py:15
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-files/delete-all-files-v2.py:5 repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-files/delete-all-files-v2.py:12
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-files/delete-file-v1.py:6 repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-files/delete-file-v1.py:14
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-files/delete-file-v2.py:5 repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-files/delete-file-v2.py:12
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-files/download-file-v1.py:7 repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-files/download-file-v1.py:16
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-files/download-file-v1.py:7 repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-files/download-file-v1.py:26
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-files/download-file-v2.py:7 repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-files/download-file-v2.py:15
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-files/download-file-v2.py:7 repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-files/download-file-v2.py:24
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-files/edit-file-name-v2.py:8 repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-files/edit-file-name-v2.py:16
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-files/edit-file-name-v2.py:8 repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-files/edit-file-name-v2.py:28
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-files/list-files-v1.py:5 repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-files/list-files-v1.py:12
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-files/list-files-v2.py:5 repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-files/list-files-v2.py:12
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-files/send-files-to-your-flows-v2-2.py:5 repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-files/send-files-to-your-flows-v2-2.py:21
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-files/send-files-to-your-flows-v2.py:5 repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-files/send-files-to-your-flows-v2.py:16
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-files/upload-file-v1.py:5 repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-files/upload-file-v1.py:16
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-files/upload-file-v2-2.py:5 repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-files/upload-file-v2-2.py:16
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-files/upload-file-v2.py:5 repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-files/upload-file-v2.py:12
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-files/upload-image-files-v1-2.py:7 repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-files/upload-image-files-v1-2.py:16
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-files/upload-image-files-v1-2.py:7 repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-files/upload-image-files-v1-2.py:24
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-files/upload-image-files-v1.py:5 repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-files/upload-image-files-v1.py:15
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-flows-run/pass-global-variables-in-request-headers.py:5 repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-flows-run/pass-global-variables-in-request-headers.py:22
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-flows-run/request-example-with-all-headers-and-parameters.py:5 repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-flows-run/request-example-with-all-headers-and-parameters.py:23
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-flows-run/run-flow.py:5 repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-flows-run/run-flow.py:24
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-flows-run/stream-llm-token-responses.py:5 repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-flows-run/stream-llm-token-responses.py:15
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-flows-run/webhook-run-flow.py:5 repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-flows-run/webhook-run-flow.py:16
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-flows/create-flow.py:5 repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-flows/create-flow.py:27
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-flows/create-flows.py:6 repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-flows/create-flows.py:26
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-flows/delete-flow.py:5 repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-flows/delete-flow.py:10
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-flows/delete-flow.py:5 repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-flows/delete-flow.py:23
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-flows/export-flows.py:5 repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-flows/export-flows.py:17
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-flows/export-flows.py:5 repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-flows/export-flows.py:33
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-flows/export-flows.py:5 repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-flows/export-flows.py:40
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-flows/import-flows.py:5 repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-flows/import-flows.py:16
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-flows/read-flow.py:5 repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-flows/read-flow.py:12
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-flows/read-flows-2.py:5 repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-flows/read-flows-2.py:12
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-flows/read-flows.py:5 repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-flows/read-flows.py:12
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-flows/read-sample-flows.py:5 repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-flows/read-sample-flows.py:12
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-flows/update-flow.py:6 repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-flows/update-flow.py:18
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-logs/retrieve-logs-with-optional-parameters.py:5 repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-logs/retrieve-logs-with-optional-parameters.py:12
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-logs/stream-logs.py:5 repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-logs/stream-logs.py:13
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-monitor/delete-messages-by-session.py:5 repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-monitor/delete-messages-by-session.py:12
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-monitor/delete-messages.py:6 repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-monitor/delete-messages.py:12
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-monitor/delete-messages.py:6 repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-monitor/delete-messages.py:27
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-monitor/delete-vertex-builds.py:5 repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-monitor/delete-vertex-builds.py:12
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-monitor/example-request.py:5 repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-monitor/example-request.py:9
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-monitor/get-messages-2.py:5 repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-monitor/get-messages-2.py:12
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-monitor/get-messages.py:5 repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-monitor/get-messages.py:12
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-monitor/get-transactions.py:5 repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-monitor/get-transactions.py:12
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-monitor/get-vertex-builds.py:5 repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-monitor/get-vertex-builds.py:12
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-monitor/update-message.py:5 repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-monitor/update-message.py:11
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-monitor/update-message.py:5 repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-monitor/update-message.py:26
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-monitor/update-session-id.py:5 repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-monitor/update-session-id.py:11
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-monitor/update-session-id.py:5 repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-monitor/update-session-id.py:26
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-openai-responses/continue-conversations-with-response-and-session-ids-2.py:9 repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-openai-responses/continue-conversations-with-response-and-session-ids-2.py:26
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-openai-responses/continue-conversations-with-response-and-session-ids-3.py:8 repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-openai-responses/continue-conversations-with-response-and-session-ids-3.py:25
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-openai-responses/continue-conversations-with-response-and-session-ids.py:5 repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-openai-responses/continue-conversations-with-response-and-session-ids.py:22
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-openai-responses/example-request.py:5 repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-openai-responses/example-request.py:14
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-openai-responses/example-streaming-request.py:5 repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-openai-responses/example-streaming-request.py:14
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-openai-responses/pass-global-variables-to-your-flows-in-headers.py:5 repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-openai-responses/pass-global-variables-to-your-flows-in-headers.py:17
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-openai-responses/retrieve-tool-call-results.py:5 repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-openai-responses/retrieve-tool-call-results.py:23
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-openai-responses/token-usage-tracking.py:5 repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-openai-responses/token-usage-tracking.py:14
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-projects/create-project-2.py:5 repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-projects/create-project-2.py:20
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-projects/create-project.py:5 repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-projects/create-project.py:14
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-projects/delete-project.py:5 repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-projects/delete-project.py:10
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-projects/delete-project.py:5 repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-projects/delete-project.py:24
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-projects/export-a-project.py:5 repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-projects/export-a-project.py:12
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-projects/import-a-project.py:6 repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-projects/import-a-project.py:16
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-projects/read-project.py:5 repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-projects/read-project.py:12
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-projects/read-projects.py:5 repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-projects/read-projects.py:12
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-projects/update-project.py:6 repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-projects/update-project.py:17
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-reference-api-examples/form-langflow-api-requests.py:5 repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-reference-api-examples/form-langflow-api-requests.py:22
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-reference-api-examples/get-all-components.py:5 repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-reference-api-examples/get-all-components.py:12
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-reference-api-examples/get-configuration.py:5 repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-reference-api-examples/get-configuration.py:12
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-reference-api-examples/get-version.py:5 repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-reference-api-examples/get-version.py:11
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-reference-api-examples/health-check.py:5 repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-reference-api-examples/health-check.py:11
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-users/add-user.py:6 repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-users/add-user.py:16
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-users/delete-user.py:6 repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-users/delete-user.py:11
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-users/delete-user.py:6 repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-users/delete-user.py:20
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-users/get-current-user.py:5 repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-users/get-current-user.py:12
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-users/list-all-users.py:5 repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-users/list-all-users.py:12
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-users/reset-password.py:5 repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-users/reset-password.py:10
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-users/reset-password.py:5 repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-users/reset-password.py:17
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-users/update-user.py:5 repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-users/update-user.py:10
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-users/update-user.py:5 repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-users/update-user.py:16
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/workflows-api/example-asynchronous-request.py:5 repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/workflows-api/example-asynchronous-request.py:18
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/workflows-api/example-request-2.py:5 repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/workflows-api/example-request-2.py:11
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/workflows-api/example-request-2.py:5 repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/workflows-api/example-request-2.py:20
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/workflows-api/example-request.py:5 repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/workflows-api/example-request.py:11
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/workflows-api/example-synchronous-request.py:5 repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/workflows-api/example-synchronous-request.py:22
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-build/build-flow-and-stream-events-2.py:5 repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-build/build-flow-and-stream-events-2.py:12
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-build/build-flow-and-stream-events-3.py:5 repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-build/build-flow-and-stream-events-3.py:15
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-build/build-flow-and-stream-events.py:5 repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-build/build-flow-and-stream-events.py:15
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-build/override-flow-parameters.py:5 repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-build/override-flow-parameters.py:18
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-build/set-start-and-stop-points.py:5 repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-build/set-start-and-stop-points.py:15
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-files/delete-all-files-v2.py:5 repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-files/delete-all-files-v2.py:12
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-files/delete-file-v1.py:6 repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-files/delete-file-v1.py:14
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-files/delete-file-v2.py:5 repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-files/delete-file-v2.py:12
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-files/download-file-v1.py:7 repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-files/download-file-v1.py:16
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-files/download-file-v1.py:7 repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-files/download-file-v1.py:26
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-files/download-file-v2.py:7 repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-files/download-file-v2.py:15
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-files/download-file-v2.py:7 repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-files/download-file-v2.py:24
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-files/edit-file-name-v2.py:8 repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-files/edit-file-name-v2.py:16
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-files/edit-file-name-v2.py:8 repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-files/edit-file-name-v2.py:28
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-files/list-files-v1.py:5 repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-files/list-files-v1.py:12
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-files/list-files-v2.py:5 repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-files/list-files-v2.py:12
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-files/send-files-to-your-flows-v2-2.py:5 repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-files/send-files-to-your-flows-v2-2.py:21
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-files/send-files-to-your-flows-v2.py:5 repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-files/send-files-to-your-flows-v2.py:16
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-files/upload-file-v1.py:5 repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-files/upload-file-v1.py:16
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-files/upload-file-v2-2.py:5 repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-files/upload-file-v2-2.py:16
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-files/upload-file-v2.py:5 repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-files/upload-file-v2.py:12
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-files/upload-image-files-v1-2.py:7 repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-files/upload-image-files-v1-2.py:16
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-files/upload-image-files-v1-2.py:7 repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-files/upload-image-files-v1-2.py:24
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-files/upload-image-files-v1.py:5 repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-files/upload-image-files-v1.py:15
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-flows-run/pass-global-variables-in-request-headers.py:5 repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-flows-run/pass-global-variables-in-request-headers.py:22
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-flows-run/request-example-with-all-headers-and-parameters.py:5 repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-flows-run/request-example-with-all-headers-and-parameters.py:23
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-flows-run/run-flow.py:5 repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-flows-run/run-flow.py:24
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-flows-run/stream-llm-token-responses.py:5 repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-flows-run/stream-llm-token-responses.py:15
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-flows-run/webhook-run-flow.py:5 repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-flows-run/webhook-run-flow.py:16
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-flows/create-flow.py:5 repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-flows/create-flow.py:27
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-flows/create-flows.py:6 repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-flows/create-flows.py:26
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-flows/delete-flow.py:5 repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-flows/delete-flow.py:10
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-flows/delete-flow.py:5 repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-flows/delete-flow.py:23
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-flows/export-flows.py:5 repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-flows/export-flows.py:17
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-flows/export-flows.py:5 repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-flows/export-flows.py:33
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-flows/export-flows.py:5 repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-flows/export-flows.py:40
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-flows/import-flows.py:5 repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-flows/import-flows.py:16
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-flows/read-flow.py:5 repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-flows/read-flow.py:12
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-flows/read-flows-2.py:5 repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-flows/read-flows-2.py:12
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-flows/read-flows.py:5 repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-flows/read-flows.py:12
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-flows/read-sample-flows.py:5 repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-flows/read-sample-flows.py:12
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-flows/update-flow.py:6 repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-flows/update-flow.py:18
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-logs/retrieve-logs-with-optional-parameters.py:5 repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-logs/retrieve-logs-with-optional-parameters.py:12
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-logs/stream-logs.py:5 repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-logs/stream-logs.py:13
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-monitor/delete-messages-by-session.py:5 repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-monitor/delete-messages-by-session.py:12
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-monitor/delete-messages.py:6 repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-monitor/delete-messages.py:12
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-monitor/delete-messages.py:6 repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-monitor/delete-messages.py:27
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-monitor/delete-vertex-builds.py:5 repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-monitor/delete-vertex-builds.py:12
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-monitor/example-request.py:5 repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-monitor/example-request.py:9
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-monitor/get-messages-2.py:5 repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-monitor/get-messages-2.py:12
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-monitor/get-messages.py:5 repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-monitor/get-messages.py:12
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-monitor/get-transactions.py:5 repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-monitor/get-transactions.py:12
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-monitor/get-vertex-builds.py:5 repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-monitor/get-vertex-builds.py:12
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-monitor/update-message.py:5 repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-monitor/update-message.py:11
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-monitor/update-message.py:5 repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-monitor/update-message.py:26
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-monitor/update-session-id.py:5 repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-monitor/update-session-id.py:11
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-monitor/update-session-id.py:5 repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-monitor/update-session-id.py:26
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-openai-responses/continue-conversations-with-response-and-session-ids-2.py:9 repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-openai-responses/continue-conversations-with-response-and-session-ids-2.py:26
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-openai-responses/continue-conversations-with-response-and-session-ids-3.py:8 repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-openai-responses/continue-conversations-with-response-and-session-ids-3.py:25
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-openai-responses/continue-conversations-with-response-and-session-ids.py:5 repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-openai-responses/continue-conversations-with-response-and-session-ids.py:22
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-openai-responses/example-request.py:5 repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-openai-responses/example-request.py:14
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-openai-responses/example-streaming-request.py:5 repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-openai-responses/example-streaming-request.py:14
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-openai-responses/pass-global-variables-to-your-flows-in-headers.py:5 repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-openai-responses/pass-global-variables-to-your-flows-in-headers.py:17
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-openai-responses/retrieve-tool-call-results.py:5 repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-openai-responses/retrieve-tool-call-results.py:23
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-openai-responses/token-usage-tracking.py:5 repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-openai-responses/token-usage-tracking.py:14
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-projects/create-project-2.py:5 repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-projects/create-project-2.py:20
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-projects/create-project.py:5 repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-projects/create-project.py:14
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-projects/delete-project.py:5 repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-projects/delete-project.py:10
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-projects/delete-project.py:5 repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-projects/delete-project.py:24
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-projects/export-a-project.py:5 repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-projects/export-a-project.py:12
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-projects/import-a-project.py:6 repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-projects/import-a-project.py:16
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-projects/read-project.py:5 repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-projects/read-project.py:12
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-projects/read-projects.py:5 repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-projects/read-projects.py:12
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-projects/update-project.py:6 repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-projects/update-project.py:17
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-reference-api-examples/form-langflow-api-requests.py:5 repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-reference-api-examples/form-langflow-api-requests.py:22
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-reference-api-examples/get-all-components.py:5 repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-reference-api-examples/get-all-components.py:12
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-reference-api-examples/get-configuration.py:5 repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-reference-api-examples/get-configuration.py:12
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-reference-api-examples/get-version.py:5 repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-reference-api-examples/get-version.py:11
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-reference-api-examples/health-check.py:5 repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-reference-api-examples/health-check.py:11
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-users/add-user.py:6 repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-users/add-user.py:16
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-users/delete-user.py:6 repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-users/delete-user.py:11
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-users/delete-user.py:6 repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-users/delete-user.py:20
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-users/get-current-user.py:5 repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-users/get-current-user.py:12
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-users/list-all-users.py:5 repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-users/list-all-users.py:12
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-users/reset-password.py:5 repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-users/reset-password.py:10
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-users/reset-password.py:5 repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-users/reset-password.py:17
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-users/update-user.py:5 repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-users/update-user.py:10
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-users/update-user.py:5 repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-users/update-user.py:16
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/workflows-api/example-asynchronous-request.py:5 repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/workflows-api/example-asynchronous-request.py:18
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/workflows-api/example-request-2.py:5 repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/workflows-api/example-request-2.py:11
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/workflows-api/example-request-2.py:5 repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/workflows-api/example-request-2.py:20
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/workflows-api/example-request.py:5 repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/workflows-api/example-request.py:11
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/workflows-api/example-synchronous-request.py:5 repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/workflows-api/example-synchronous-request.py:18
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/scripts/e2e_deployment_tests/watsonx_orchestrate/api.py:265 repo/scripts/e2e_deployment_tests/watsonx_orchestrate/api.py:260
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/scripts/gp/check_backend_status.py:25 repo/scripts/gp/check_backend_status.py:32
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/scripts/gp/check_backend_status.py:25 repo/scripts/gp/check_backend_status.py:54
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/scripts/gp/download.py:21 repo/scripts/gp/download.py:27
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/scripts/gp/gp_client.py:21 repo/scripts/gp/gp_client.py:61
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/scripts/gp/gp_client.py:21 repo/scripts/gp/gp_client.py:70
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/scripts/gp/gp_client.py:21 repo/scripts/gp/gp_client.py:84
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/scripts/gp/gp_client.py:21 repo/scripts/gp/gp_client.py:98
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/scripts/gp/upload.py:28 repo/scripts/gp/upload.py:40
high first-party (python) User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/scripts/gp/upload.py:28 repo/scripts/gp/upload.py:53
high first-party (python): src/lfx User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/src/lfx/src/lfx/base/models/groq_model_discovery.py:140 repo/src/lfx/src/lfx/base/models/groq_model_discovery.py:142
high first-party (python): src/lfx User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/src/lfx/src/lfx/components/agentql/agentql_api.py:99 repo/src/lfx/src/lfx/components/agentql/agentql_api.py:127
high first-party (python): src/lfx User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/src/lfx/src/lfx/components/cometapi/cometapi.py:98 repo/src/lfx/src/lfx/components/cometapi/cometapi.py:102
high first-party (python): src/lfx User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/src/lfx/src/lfx/components/datastax/astradb_cql.py:180 repo/src/lfx/src/lfx/components/datastax/astradb_cql.py:220
high first-party (python): src/lfx User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/src/lfx/src/lfx/components/icosacomputing/combinatorial_reasoner.py:67 repo/src/lfx/src/lfx/components/icosacomputing/combinatorial_reasoner.py:68
high first-party (python): src/lfx User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/src/lfx/src/lfx/components/notdiamond/notdiamond.py:118 repo/src/lfx/src/lfx/components/notdiamond/notdiamond.py:150
high first-party (python): src/lfx User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/src/lfx/src/lfx/load/utils.py:34 repo/src/lfx/src/lfx/load/utils.py:37
hub Dependency data flows (24)
high mcp dependency User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
pkgs/python/[email protected]/src/mcp/client/auth/oauth2.py:433 pkgs/python/[email protected]/src/mcp/client/auth/oauth2.py:452
high openai dependency User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
pkgs/python/[email protected]/src/openai/lib/azure.py:239 pkgs/python/[email protected]/src/openai/lib/azure.py:278
high openai dependency User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
pkgs/python/[email protected]/src/openai/lib/azure.py:563 pkgs/python/[email protected]/src/openai/lib/azure.py:602
high langsmith dependency User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
pkgs/python/[email protected]/langsmith/sandbox/_models.py:222 pkgs/python/[email protected]/langsmith/sandbox/_models.py:223
high langwatch dependency User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
pkgs/python/[email protected]/src/langwatch/generated/langwatch_rest_api_client/client.py:217 pkgs/python/[email protected]/src/langwatch/generated/langwatch_rest_api_client/client.py:218
high langwatch dependency User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
pkgs/python/[email protected]/src/langwatch/generated/langwatch_rest_api_client/client.py:249 pkgs/python/[email protected]/src/langwatch/generated/langwatch_rest_api_client/client.py:250
high assemblyai dependency User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
pkgs/python/[email protected]/assemblyai/client.py:39 pkgs/python/[email protected]/assemblyai/client.py:56
high assemblyai dependency User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
pkgs/python/[email protected]/assemblyai/streaming/v3/async_client.py:517 pkgs/python/[email protected]/assemblyai/streaming/v3/async_client.py:520
high assemblyai dependency User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
pkgs/python/[email protected]/assemblyai/streaming/v3/client.py:377 pkgs/python/[email protected]/assemblyai/streaming/v3/client.py:382
high smolagents dependency User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
pkgs/python/[email protected]/src/smolagents/default_tools.py:196 pkgs/python/[email protected]/src/smolagents/default_tools.py:210
high smolagents dependency User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
pkgs/python/[email protected]/src/smolagents/default_tools.py:461 pkgs/python/[email protected]/src/smolagents/default_tools.py:465
high firecrawl-py dependency User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
pkgs/python/[email protected]/firecrawl/firecrawl.backup.py:689 pkgs/python/[email protected]/firecrawl/firecrawl.backup.py:687
high firecrawl-py dependency User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
pkgs/python/[email protected]/firecrawl/firecrawl.backup.py:1255 pkgs/python/[email protected]/firecrawl/firecrawl.backup.py:1253
high firecrawl-py dependency User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
pkgs/python/[email protected]/firecrawl/v1/client.py:767 pkgs/python/[email protected]/firecrawl/v1/client.py:765
high firecrawl-py dependency User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
pkgs/python/[email protected]/firecrawl/v1/client.py:1420 pkgs/python/[email protected]/firecrawl/v1/client.py:1418
high transformers dependency User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
pkgs/python/[email protected]/src/transformers/integrations/integration_utils.py:2534 pkgs/python/[email protected]/src/transformers/integrations/integration_utils.py:2561
high transformers dependency User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
pkgs/python/[email protected]/src/transformers/integrations/integration_utils.py:2534 pkgs/python/[email protected]/src/transformers/integrations/integration_utils.py:2562
high transformers dependency User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
pkgs/python/[email protected]/src/transformers/utils/hub.py:178 pkgs/python/[email protected]/src/transformers/utils/hub.py:178
high langchain-milvus dependency User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
pkgs/python/[email protected]/langchain_milvus/retrievers/zilliz_cloud_pipeline_retriever.py:63 pkgs/python/[email protected]/langchain_milvus/retrievers/zilliz_cloud_pipeline_retriever.py:79
high langchain-milvus dependency User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
pkgs/python/[email protected]/langchain_milvus/retrievers/zilliz_cloud_pipeline_retriever.py:121 pkgs/python/[email protected]/langchain_milvus/retrievers/zilliz_cloud_pipeline_retriever.py:131
high langchain-milvus dependency User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
pkgs/python/[email protected]/langchain_milvus/retrievers/zilliz_cloud_pipeline_retriever.py:164 pkgs/python/[email protected]/langchain_milvus/retrievers/zilliz_cloud_pipeline_retriever.py:174
high langchain-milvus dependency User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
pkgs/python/[email protected]/langchain_milvus/retrievers/zilliz_cloud_pipeline_retriever.py:202 pkgs/python/[email protected]/langchain_milvus/retrievers/zilliz_cloud_pipeline_retriever.py:210
high langchain-mistralai dependency User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
pkgs/python/[email protected]/langchain_mistralai/chat_models.py:724 pkgs/python/[email protected]/langchain_mistralai/chat_models.py:729
high langchain-mistralai dependency User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
pkgs/python/[email protected]/langchain_mistralai/chat_models.py:724 pkgs/python/[email protected]/langchain_mistralai/chat_models.py:741

</> First-Party Code

first-party (python)

python first-party
high pii_flow production #f5b46b045bd963b5 User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/docs/API-Reference/python-examples/api-build/build-flow-and-stream-events-2.py:12 · flow /tmp/closeopen-uhn6nk5u/repo/docs/docs/API-Reference/python-examples/api-build/build-flow-and-stream-events-2.py:5 → /tmp/closeopen-uhn6nk5u/repo/docs/docs/API-Reference/python-examples/api-build/build-flow-and-stream-events-2.py:12
response = requests.request("GET", url, headers=headers)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #7805fd88076b32f5 User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/docs/API-Reference/python-examples/api-build/build-flow-and-stream-events-3.py:15 · flow /tmp/closeopen-uhn6nk5u/repo/docs/docs/API-Reference/python-examples/api-build/build-flow-and-stream-events-3.py:5 → /tmp/closeopen-uhn6nk5u/repo/docs/docs/API-Reference/python-examples/api-build/build-flow-and-stream-events-3.py:15
response = requests.get(url, headers=headers, timeout=60)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #368d95310b0fb61f User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/docs/API-Reference/python-examples/api-build/build-flow-and-stream-events.py:15 · flow /tmp/closeopen-uhn6nk5u/repo/docs/docs/API-Reference/python-examples/api-build/build-flow-and-stream-events.py:5 → /tmp/closeopen-uhn6nk5u/repo/docs/docs/API-Reference/python-examples/api-build/build-flow-and-stream-events.py:15
response = requests.request("POST", url, headers=headers, json=payload)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #3177b41c7a3f0bba User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/docs/API-Reference/python-examples/api-build/override-flow-parameters.py:18 · flow /tmp/closeopen-uhn6nk5u/repo/docs/docs/API-Reference/python-examples/api-build/override-flow-parameters.py:5 → /tmp/closeopen-uhn6nk5u/repo/docs/docs/API-Reference/python-examples/api-build/override-flow-parameters.py:18
response = requests.request("POST", url, headers=headers, json=payload)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #02a9cd1231009c1a User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/docs/API-Reference/python-examples/api-build/set-start-and-stop-points.py:15 · flow /tmp/closeopen-uhn6nk5u/repo/docs/docs/API-Reference/python-examples/api-build/set-start-and-stop-points.py:5 → /tmp/closeopen-uhn6nk5u/repo/docs/docs/API-Reference/python-examples/api-build/set-start-and-stop-points.py:15
response = requests.request("POST", url, headers=headers, json=payload)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #eac8accd70b904b1 User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/docs/API-Reference/python-examples/api-files/delete-all-files-v2.py:12 · flow /tmp/closeopen-uhn6nk5u/repo/docs/docs/API-Reference/python-examples/api-files/delete-all-files-v2.py:5 → /tmp/closeopen-uhn6nk5u/repo/docs/docs/API-Reference/python-examples/api-files/delete-all-files-v2.py:12
response = requests.request("DELETE", url, headers=headers)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #7143c1ae003ddd03 User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/docs/API-Reference/python-examples/api-files/delete-file-v1.py:14 · flow /tmp/closeopen-uhn6nk5u/repo/docs/docs/API-Reference/python-examples/api-files/delete-file-v1.py:6 → /tmp/closeopen-uhn6nk5u/repo/docs/docs/API-Reference/python-examples/api-files/delete-file-v1.py:14
response = requests.request("DELETE", url, headers=headers)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #78bd03b8d9914138 User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/docs/API-Reference/python-examples/api-files/delete-file-v2.py:12 · flow /tmp/closeopen-uhn6nk5u/repo/docs/docs/API-Reference/python-examples/api-files/delete-file-v2.py:5 → /tmp/closeopen-uhn6nk5u/repo/docs/docs/API-Reference/python-examples/api-files/delete-file-v2.py:12
response = requests.request("DELETE", url, headers=headers)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #c0f7f0435c150a3b User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/docs/API-Reference/python-examples/api-files/download-file-v1.py:16 · flow /tmp/closeopen-uhn6nk5u/repo/docs/docs/API-Reference/python-examples/api-files/download-file-v1.py:7 → /tmp/closeopen-uhn6nk5u/repo/docs/docs/API-Reference/python-examples/api-files/download-file-v1.py:16
upload = requests.post(
    f"{base}/api/v1/files/upload/{flow_id}",
    headers=headers,
    files={"file": (upload_path.name, upload_path.read_bytes(), "text/plain")},
    timeout=30,
)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #c426e6045706ab48 User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/docs/API-Reference/python-examples/api-files/download-file-v1.py:26 · flow /tmp/closeopen-uhn6nk5u/repo/docs/docs/API-Reference/python-examples/api-files/download-file-v1.py:7 → /tmp/closeopen-uhn6nk5u/repo/docs/docs/API-Reference/python-examples/api-files/download-file-v1.py:26
download = requests.get(
    f"{base}/api/v1/files/download/{flow_id}/{file_name}",
    headers=headers,
    timeout=30,
)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #6e1a2135f7fc400f User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/docs/API-Reference/python-examples/api-files/download-file-v2.py:15 · flow /tmp/closeopen-uhn6nk5u/repo/docs/docs/API-Reference/python-examples/api-files/download-file-v2.py:7 → /tmp/closeopen-uhn6nk5u/repo/docs/docs/API-Reference/python-examples/api-files/download-file-v2.py:15
upload = requests.post(
    f"{base}/api/v2/files",
    headers=headers,
    files={"file": (upload_path.name, upload_path.read_bytes(), "text/plain")},
    timeout=30,
)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #d13588306ab81b99 User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/docs/API-Reference/python-examples/api-files/download-file-v2.py:24 · flow /tmp/closeopen-uhn6nk5u/repo/docs/docs/API-Reference/python-examples/api-files/download-file-v2.py:7 → /tmp/closeopen-uhn6nk5u/repo/docs/docs/API-Reference/python-examples/api-files/download-file-v2.py:24
download = requests.get(
    f"{base}/api/v2/files/{file_id}",
    headers=headers,
    timeout=30,
)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #a0e36e0a4eb6d083 User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/docs/API-Reference/python-examples/api-files/edit-file-name-v2.py:16 · flow /tmp/closeopen-uhn6nk5u/repo/docs/docs/API-Reference/python-examples/api-files/edit-file-name-v2.py:8 → /tmp/closeopen-uhn6nk5u/repo/docs/docs/API-Reference/python-examples/api-files/edit-file-name-v2.py:16
upload = requests.post(
    f"{base}/api/v2/files",
    headers=headers,
    files={"file": (upload_path.name, upload_path.read_bytes(), "text/plain")},
    timeout=30,
)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #51323b0b59e0b481 User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/docs/API-Reference/python-examples/api-files/edit-file-name-v2.py:28 · flow /tmp/closeopen-uhn6nk5u/repo/docs/docs/API-Reference/python-examples/api-files/edit-file-name-v2.py:8 → /tmp/closeopen-uhn6nk5u/repo/docs/docs/API-Reference/python-examples/api-files/edit-file-name-v2.py:28
response = requests.put(url, headers=headers, timeout=30)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #fd8a8c5e2995a26a User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/docs/API-Reference/python-examples/api-files/list-files-v1.py:12 · flow /tmp/closeopen-uhn6nk5u/repo/docs/docs/API-Reference/python-examples/api-files/list-files-v1.py:5 → /tmp/closeopen-uhn6nk5u/repo/docs/docs/API-Reference/python-examples/api-files/list-files-v1.py:12
response = requests.request("GET", url, headers=headers)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #c0c55e7d9edb3bc2 User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/docs/API-Reference/python-examples/api-files/list-files-v2.py:12 · flow /tmp/closeopen-uhn6nk5u/repo/docs/docs/API-Reference/python-examples/api-files/list-files-v2.py:5 → /tmp/closeopen-uhn6nk5u/repo/docs/docs/API-Reference/python-examples/api-files/list-files-v2.py:12
response = requests.request("GET", url, headers=headers)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #9683dc17cd105e63 User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/docs/API-Reference/python-examples/api-files/send-files-to-your-flows-v2-2.py:21 · flow /tmp/closeopen-uhn6nk5u/repo/docs/docs/API-Reference/python-examples/api-files/send-files-to-your-flows-v2-2.py:5 → /tmp/closeopen-uhn6nk5u/repo/docs/docs/API-Reference/python-examples/api-files/send-files-to-your-flows-v2-2.py:21
response = requests.request("POST", url, headers=headers, json=payload)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #638292da846d3e36 User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/docs/API-Reference/python-examples/api-files/send-files-to-your-flows-v2.py:16 · flow /tmp/closeopen-uhn6nk5u/repo/docs/docs/API-Reference/python-examples/api-files/send-files-to-your-flows-v2.py:5 → /tmp/closeopen-uhn6nk5u/repo/docs/docs/API-Reference/python-examples/api-files/send-files-to-your-flows-v2.py:16
response = requests.request("POST", url, headers=headers, files=files)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #a9e307be449024c8 User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/docs/API-Reference/python-examples/api-files/upload-file-v1.py:16 · flow /tmp/closeopen-uhn6nk5u/repo/docs/docs/API-Reference/python-examples/api-files/upload-file-v1.py:5 → /tmp/closeopen-uhn6nk5u/repo/docs/docs/API-Reference/python-examples/api-files/upload-file-v1.py:16
response = requests.request("POST", url, headers=headers, files=files)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #af1782decc927d3c User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/docs/API-Reference/python-examples/api-files/upload-file-v2-2.py:16 · flow /tmp/closeopen-uhn6nk5u/repo/docs/docs/API-Reference/python-examples/api-files/upload-file-v2-2.py:5 → /tmp/closeopen-uhn6nk5u/repo/docs/docs/API-Reference/python-examples/api-files/upload-file-v2-2.py:16
response = requests.request("POST", url, headers=headers, files=files)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #08c74a81f3b05f63 User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/docs/API-Reference/python-examples/api-files/upload-file-v2.py:12 · flow /tmp/closeopen-uhn6nk5u/repo/docs/docs/API-Reference/python-examples/api-files/upload-file-v2.py:5 → /tmp/closeopen-uhn6nk5u/repo/docs/docs/API-Reference/python-examples/api-files/upload-file-v2.py:12
response = requests.request("GET", url, headers=headers)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #bf0252d08643bde3 User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/docs/API-Reference/python-examples/api-files/upload-image-files-v1-2.py:16 · flow /tmp/closeopen-uhn6nk5u/repo/docs/docs/API-Reference/python-examples/api-files/upload-image-files-v1-2.py:7 → /tmp/closeopen-uhn6nk5u/repo/docs/docs/API-Reference/python-examples/api-files/upload-image-files-v1-2.py:16
upload = requests.post(
    f"{base}/api/v1/files/upload/{flow_id}",
    headers=headers,
    files={"file": (image_path.name, image_path.read_bytes(), "image/png")},
    timeout=30,
)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #e72872b27bb27f18 User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/docs/API-Reference/python-examples/api-files/upload-image-files-v1-2.py:24 · flow /tmp/closeopen-uhn6nk5u/repo/docs/docs/API-Reference/python-examples/api-files/upload-image-files-v1-2.py:7 → /tmp/closeopen-uhn6nk5u/repo/docs/docs/API-Reference/python-examples/api-files/upload-image-files-v1-2.py:24
listed = requests.get(f"{base}/api/v1/files/list/{flow_id}", headers=headers, timeout=30)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #1ca28fb98dcd29ea User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/docs/API-Reference/python-examples/api-files/upload-image-files-v1.py:15 · flow /tmp/closeopen-uhn6nk5u/repo/docs/docs/API-Reference/python-examples/api-files/upload-image-files-v1.py:5 → /tmp/closeopen-uhn6nk5u/repo/docs/docs/API-Reference/python-examples/api-files/upload-image-files-v1.py:15
response = requests.request("POST", url, headers=headers, files=files)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #4cac9ecf5e990bc3 User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/docs/API-Reference/python-examples/api-flows-run/pass-global-variables-in-request-headers.py:22 · flow /tmp/closeopen-uhn6nk5u/repo/docs/docs/API-Reference/python-examples/api-flows-run/pass-global-variables-in-request-headers.py:5 → /tmp/closeopen-uhn6nk5u/repo/docs/docs/API-Reference/python-examples/api-flows-run/pass-global-variables-in-request-headers.py:22
response = requests.post(f"{base}/api/v1/run/{flow_id}", headers=headers, json=payload, timeout=60)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #810831e30265e640 User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/docs/API-Reference/python-examples/api-flows-run/request-example-with-all-headers-and-parameters.py:23 · flow /tmp/closeopen-uhn6nk5u/repo/docs/docs/API-Reference/python-examples/api-flows-run/request-example-with-all-headers-and-parameters.py:5 → /tmp/closeopen-uhn6nk5u/repo/docs/docs/API-Reference/python-examples/api-flows-run/request-example-with-all-headers-and-parameters.py:23
response = requests.post(
    f"{base}/api/v1/run/{flow_id}?stream=false",
    headers=headers,
    json=payload,
    timeout=60,
)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #e17a85fd64b7831d User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/docs/API-Reference/python-examples/api-flows-run/run-flow.py:24 · flow /tmp/closeopen-uhn6nk5u/repo/docs/docs/API-Reference/python-examples/api-flows-run/run-flow.py:5 → /tmp/closeopen-uhn6nk5u/repo/docs/docs/API-Reference/python-examples/api-flows-run/run-flow.py:24
response = requests.post(url, headers=headers, json=payload, timeout=60)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #9436910c6644e0cc User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/docs/API-Reference/python-examples/api-flows-run/stream-llm-token-responses.py:15 · flow /tmp/closeopen-uhn6nk5u/repo/docs/docs/API-Reference/python-examples/api-flows-run/stream-llm-token-responses.py:5 → /tmp/closeopen-uhn6nk5u/repo/docs/docs/API-Reference/python-examples/api-flows-run/stream-llm-token-responses.py:15
response = requests.request("POST", url, headers=headers, json=payload)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #982880ff5be260ae User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/docs/API-Reference/python-examples/api-flows-run/webhook-run-flow.py:16 · flow /tmp/closeopen-uhn6nk5u/repo/docs/docs/API-Reference/python-examples/api-flows-run/webhook-run-flow.py:5 → /tmp/closeopen-uhn6nk5u/repo/docs/docs/API-Reference/python-examples/api-flows-run/webhook-run-flow.py:16
response = requests.post(
    f"{base}/api/v1/webhook/{flow_id}",
    headers=headers,
    json=payload,
    timeout=60,
)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #6ae6f28209f1cead User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/docs/API-Reference/python-examples/api-flows/create-flow.py:27 · flow /tmp/closeopen-uhn6nk5u/repo/docs/docs/API-Reference/python-examples/api-flows/create-flow.py:5 → /tmp/closeopen-uhn6nk5u/repo/docs/docs/API-Reference/python-examples/api-flows/create-flow.py:27
response = requests.request("POST", url, headers=headers, json=payload)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #d853d669234d9a9c User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/docs/API-Reference/python-examples/api-flows/create-flows.py:26 · flow /tmp/closeopen-uhn6nk5u/repo/docs/docs/API-Reference/python-examples/api-flows/create-flows.py:6 → /tmp/closeopen-uhn6nk5u/repo/docs/docs/API-Reference/python-examples/api-flows/create-flows.py:26
response = requests.post(f"{base}/api/v1/flows/batch/", headers=headers, json=payload, timeout=30)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #2c109c644b252ce9 User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/docs/API-Reference/python-examples/api-flows/delete-flow.py:10 · flow /tmp/closeopen-uhn6nk5u/repo/docs/docs/API-Reference/python-examples/api-flows/delete-flow.py:5 → /tmp/closeopen-uhn6nk5u/repo/docs/docs/API-Reference/python-examples/api-flows/delete-flow.py:10
create = requests.post(
    f"{base}/api/v1/flows/",
    headers=headers,
    json={
        "name": "docs-example-delete-me",
        "description": "Temporary flow for delete-flow example",
        "data": {"nodes": [], "edges": []},
    },
    timeout=30,
)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #fb048a5dd83a9085 User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/docs/API-Reference/python-examples/api-flows/delete-flow.py:23 · flow /tmp/closeopen-uhn6nk5u/repo/docs/docs/API-Reference/python-examples/api-flows/delete-flow.py:5 → /tmp/closeopen-uhn6nk5u/repo/docs/docs/API-Reference/python-examples/api-flows/delete-flow.py:23
delete = requests.delete(f"{base}/api/v1/flows/{flow_id}", headers=headers, timeout=30)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #e987f812e442b8a7 User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/docs/API-Reference/python-examples/api-flows/export-flows.py:17 · flow /tmp/closeopen-uhn6nk5u/repo/docs/docs/API-Reference/python-examples/api-flows/export-flows.py:5 → /tmp/closeopen-uhn6nk5u/repo/docs/docs/API-Reference/python-examples/api-flows/export-flows.py:17
extra = requests.post(
    f"{base}/api/v1/flows/",
    headers=headers,
    json={
        "name": "docs-export-temp-flow",
        "description": "Temporary second flow for export example",
        "data": {"nodes": [], "edges": []},
        **({"folder_id": folder_id} if folder_id else {}),
    },
    timeout=30,
)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #cd89314138141430 User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/docs/API-Reference/python-examples/api-flows/export-flows.py:33 · flow /tmp/closeopen-uhn6nk5u/repo/docs/docs/API-Reference/python-examples/api-flows/export-flows.py:5 → /tmp/closeopen-uhn6nk5u/repo/docs/docs/API-Reference/python-examples/api-flows/export-flows.py:33
response = requests.post(f"{base}/api/v1/flows/download/", headers=headers, json=payload, timeout=60)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #32414570cfb2fbaa User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/docs/API-Reference/python-examples/api-flows/export-flows.py:40 · flow /tmp/closeopen-uhn6nk5u/repo/docs/docs/API-Reference/python-examples/api-flows/export-flows.py:5 → /tmp/closeopen-uhn6nk5u/repo/docs/docs/API-Reference/python-examples/api-flows/export-flows.py:40
requests.delete(f"{base}/api/v1/flows/{extra_id}", headers=headers, timeout=30)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #dbb8011845fd6d5b User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/docs/API-Reference/python-examples/api-flows/import-flows.py:16 · flow /tmp/closeopen-uhn6nk5u/repo/docs/docs/API-Reference/python-examples/api-flows/import-flows.py:5 → /tmp/closeopen-uhn6nk5u/repo/docs/docs/API-Reference/python-examples/api-flows/import-flows.py:16
response = requests.request("POST", url, headers=headers, files=files)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #3f3b2af1ce2678b8 User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/docs/API-Reference/python-examples/api-flows/read-flow.py:12 · flow /tmp/closeopen-uhn6nk5u/repo/docs/docs/API-Reference/python-examples/api-flows/read-flow.py:5 → /tmp/closeopen-uhn6nk5u/repo/docs/docs/API-Reference/python-examples/api-flows/read-flow.py:12
response = requests.request("GET", url, headers=headers)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #27c3f7ca5f04a953 User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/docs/API-Reference/python-examples/api-flows/read-flows-2.py:12 · flow /tmp/closeopen-uhn6nk5u/repo/docs/docs/API-Reference/python-examples/api-flows/read-flows-2.py:5 → /tmp/closeopen-uhn6nk5u/repo/docs/docs/API-Reference/python-examples/api-flows/read-flows-2.py:12
response = requests.request("GET", url, headers=headers)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #7218783eec6a3340 User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/docs/API-Reference/python-examples/api-flows/read-flows.py:12 · flow /tmp/closeopen-uhn6nk5u/repo/docs/docs/API-Reference/python-examples/api-flows/read-flows.py:5 → /tmp/closeopen-uhn6nk5u/repo/docs/docs/API-Reference/python-examples/api-flows/read-flows.py:12
response = requests.request("GET", url, headers=headers)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #b122ff98f23996a6 User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/docs/API-Reference/python-examples/api-flows/read-sample-flows.py:12 · flow /tmp/closeopen-uhn6nk5u/repo/docs/docs/API-Reference/python-examples/api-flows/read-sample-flows.py:5 → /tmp/closeopen-uhn6nk5u/repo/docs/docs/API-Reference/python-examples/api-flows/read-sample-flows.py:12
response = requests.request("GET", url, headers=headers)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #7a31f1310c22d36e User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/docs/API-Reference/python-examples/api-flows/update-flow.py:18 · flow /tmp/closeopen-uhn6nk5u/repo/docs/docs/API-Reference/python-examples/api-flows/update-flow.py:6 → /tmp/closeopen-uhn6nk5u/repo/docs/docs/API-Reference/python-examples/api-flows/update-flow.py:18
response = requests.patch(f"{base}/api/v1/flows/{flow_id}", headers=headers, json=payload, timeout=30)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #1d80a46e07df3473 User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/docs/API-Reference/python-examples/api-logs/retrieve-logs-with-optional-parameters.py:12 · flow /tmp/closeopen-uhn6nk5u/repo/docs/docs/API-Reference/python-examples/api-logs/retrieve-logs-with-optional-parameters.py:5 → /tmp/closeopen-uhn6nk5u/repo/docs/docs/API-Reference/python-examples/api-logs/retrieve-logs-with-optional-parameters.py:12
response = requests.request("GET", url, headers=headers)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #3f307c32493052d8 User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/docs/API-Reference/python-examples/api-logs/stream-logs.py:13 · flow /tmp/closeopen-uhn6nk5u/repo/docs/docs/API-Reference/python-examples/api-logs/stream-logs.py:5 → /tmp/closeopen-uhn6nk5u/repo/docs/docs/API-Reference/python-examples/api-logs/stream-logs.py:13
response = requests.get(url, headers=headers, stream=True, timeout=30)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #fd90a43c434221db User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/docs/API-Reference/python-examples/api-monitor/delete-messages-by-session.py:12 · flow /tmp/closeopen-uhn6nk5u/repo/docs/docs/API-Reference/python-examples/api-monitor/delete-messages-by-session.py:5 → /tmp/closeopen-uhn6nk5u/repo/docs/docs/API-Reference/python-examples/api-monitor/delete-messages-by-session.py:12
response = requests.request("DELETE", url, headers=headers)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #25e0efc4c33224de User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/docs/API-Reference/python-examples/api-monitor/delete-messages.py:12 · flow /tmp/closeopen-uhn6nk5u/repo/docs/docs/API-Reference/python-examples/api-monitor/delete-messages.py:6 → /tmp/closeopen-uhn6nk5u/repo/docs/docs/API-Reference/python-examples/api-monitor/delete-messages.py:12
list_resp = requests.get(
    f"{base}/api/v1/monitor/messages",
    headers=headers,
    params={"flow_id": flow_id},
    timeout=30,
)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #c8540215867cee91 User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/docs/API-Reference/python-examples/api-monitor/delete-messages.py:27 · flow /tmp/closeopen-uhn6nk5u/repo/docs/docs/API-Reference/python-examples/api-monitor/delete-messages.py:6 → /tmp/closeopen-uhn6nk5u/repo/docs/docs/API-Reference/python-examples/api-monitor/delete-messages.py:27
response = requests.delete(f"{base}/api/v1/monitor/messages", headers=headers, params=params, timeout=30)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #6bf6eb61e397ecae User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/docs/API-Reference/python-examples/api-monitor/delete-vertex-builds.py:12 · flow /tmp/closeopen-uhn6nk5u/repo/docs/docs/API-Reference/python-examples/api-monitor/delete-vertex-builds.py:5 → /tmp/closeopen-uhn6nk5u/repo/docs/docs/API-Reference/python-examples/api-monitor/delete-vertex-builds.py:12
response = requests.request("DELETE", url, headers=headers)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #b398cce7738f61a4 User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/docs/API-Reference/python-examples/api-monitor/example-request.py:9 · flow /tmp/closeopen-uhn6nk5u/repo/docs/docs/API-Reference/python-examples/api-monitor/example-request.py:5 → /tmp/closeopen-uhn6nk5u/repo/docs/docs/API-Reference/python-examples/api-monitor/example-request.py:9
response = requests.get(
    f"{base_url}/api/v1/monitor/traces",
    params={"flow_id": flow_id, "page": 1, "size": 50},
    headers={"x-api-key": api_key, "accept": "application/json"},
    timeout=30,
)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #d9d52b845440028d User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/docs/API-Reference/python-examples/api-monitor/get-messages-2.py:12 · flow /tmp/closeopen-uhn6nk5u/repo/docs/docs/API-Reference/python-examples/api-monitor/get-messages-2.py:5 → /tmp/closeopen-uhn6nk5u/repo/docs/docs/API-Reference/python-examples/api-monitor/get-messages-2.py:12
response = requests.request("GET", url, headers=headers)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #1d60e296a561e3c2 User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/docs/API-Reference/python-examples/api-monitor/get-messages.py:12 · flow /tmp/closeopen-uhn6nk5u/repo/docs/docs/API-Reference/python-examples/api-monitor/get-messages.py:5 → /tmp/closeopen-uhn6nk5u/repo/docs/docs/API-Reference/python-examples/api-monitor/get-messages.py:12
response = requests.request("GET", url, headers=headers)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #27be1f8b1bf0b8fe User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/docs/API-Reference/python-examples/api-monitor/get-transactions.py:12 · flow /tmp/closeopen-uhn6nk5u/repo/docs/docs/API-Reference/python-examples/api-monitor/get-transactions.py:5 → /tmp/closeopen-uhn6nk5u/repo/docs/docs/API-Reference/python-examples/api-monitor/get-transactions.py:12
response = requests.request("GET", url, headers=headers)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #f4b13bfaba35250f User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/docs/API-Reference/python-examples/api-monitor/get-vertex-builds.py:12 · flow /tmp/closeopen-uhn6nk5u/repo/docs/docs/API-Reference/python-examples/api-monitor/get-vertex-builds.py:5 → /tmp/closeopen-uhn6nk5u/repo/docs/docs/API-Reference/python-examples/api-monitor/get-vertex-builds.py:12
response = requests.request("GET", url, headers=headers)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #a4e5d3aa87cdaf32 User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/docs/API-Reference/python-examples/api-monitor/update-message.py:11 · flow /tmp/closeopen-uhn6nk5u/repo/docs/docs/API-Reference/python-examples/api-monitor/update-message.py:5 → /tmp/closeopen-uhn6nk5u/repo/docs/docs/API-Reference/python-examples/api-monitor/update-message.py:11
list_resp = requests.get(
    f"{base}/api/v1/monitor/messages",
    headers=headers,
    params={"flow_id": flow_id},
    timeout=30,
)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #654af8e240e3488d User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/docs/API-Reference/python-examples/api-monitor/update-message.py:26 · flow /tmp/closeopen-uhn6nk5u/repo/docs/docs/API-Reference/python-examples/api-monitor/update-message.py:5 → /tmp/closeopen-uhn6nk5u/repo/docs/docs/API-Reference/python-examples/api-monitor/update-message.py:26
response = requests.put(
    f"{base}/api/v1/monitor/messages/{message_id}",
    headers=headers,
    json=payload,
    timeout=30,
)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #e4f0230eb5c9bdcc User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/docs/API-Reference/python-examples/api-monitor/update-session-id.py:11 · flow /tmp/closeopen-uhn6nk5u/repo/docs/docs/API-Reference/python-examples/api-monitor/update-session-id.py:5 → /tmp/closeopen-uhn6nk5u/repo/docs/docs/API-Reference/python-examples/api-monitor/update-session-id.py:11
list_resp = requests.get(
    f"{base}/api/v1/monitor/messages",
    headers=headers,
    params={"flow_id": flow_id},
    timeout=30,
)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #ea3a4fe5bd8e96c2 User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/docs/API-Reference/python-examples/api-monitor/update-session-id.py:26 · flow /tmp/closeopen-uhn6nk5u/repo/docs/docs/API-Reference/python-examples/api-monitor/update-session-id.py:5 → /tmp/closeopen-uhn6nk5u/repo/docs/docs/API-Reference/python-examples/api-monitor/update-session-id.py:26
response = requests.patch(
    f"{base}/api/v1/monitor/messages/session/{old_session_id}",
    headers=headers,
    params={"new_session_id": new_session_id},
    timeout=30,
)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #77778617e90ac7d9 User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/docs/API-Reference/python-examples/api-openai-responses/continue-conversations-with-response-and-session-ids-2.py:26 · flow /tmp/closeopen-uhn6nk5u/repo/docs/docs/API-Reference/python-examples/api-openai-responses/continue-conversations-with-response-and-session-ids-2.py:9 → /tmp/closeopen-uhn6nk5u/repo/docs/docs/API-Reference/python-examples/api-openai-responses/continue-conversations-with-response-and-session-ids-2.py:26
response = requests.post(url, headers=headers, json=payload, timeout=120)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #6a3c8728c2e0ac86 User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/docs/API-Reference/python-examples/api-openai-responses/continue-conversations-with-response-and-session-ids-3.py:25 · flow /tmp/closeopen-uhn6nk5u/repo/docs/docs/API-Reference/python-examples/api-openai-responses/continue-conversations-with-response-and-session-ids-3.py:8 → /tmp/closeopen-uhn6nk5u/repo/docs/docs/API-Reference/python-examples/api-openai-responses/continue-conversations-with-response-and-session-ids-3.py:25
response = requests.post(url, headers=headers, json=payload, timeout=120)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #b3de8b881d8b539f User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/docs/API-Reference/python-examples/api-openai-responses/continue-conversations-with-response-and-session-ids.py:22 · flow /tmp/closeopen-uhn6nk5u/repo/docs/docs/API-Reference/python-examples/api-openai-responses/continue-conversations-with-response-and-session-ids.py:5 → /tmp/closeopen-uhn6nk5u/repo/docs/docs/API-Reference/python-examples/api-openai-responses/continue-conversations-with-response-and-session-ids.py:22
response = requests.post(url, headers=headers, json=payload, timeout=120)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #99625b40bf1647c3 User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/docs/API-Reference/python-examples/api-openai-responses/example-request.py:14 · flow /tmp/closeopen-uhn6nk5u/repo/docs/docs/API-Reference/python-examples/api-openai-responses/example-request.py:5 → /tmp/closeopen-uhn6nk5u/repo/docs/docs/API-Reference/python-examples/api-openai-responses/example-request.py:14
response = requests.request("POST", url, headers=headers, json=payload)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #c4de9a14b71f2d6b User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/docs/API-Reference/python-examples/api-openai-responses/example-streaming-request.py:14 · flow /tmp/closeopen-uhn6nk5u/repo/docs/docs/API-Reference/python-examples/api-openai-responses/example-streaming-request.py:5 → /tmp/closeopen-uhn6nk5u/repo/docs/docs/API-Reference/python-examples/api-openai-responses/example-streaming-request.py:14
response = requests.request("POST", url, headers=headers, json=payload)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #af038e8e05b5c7a2 User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/docs/API-Reference/python-examples/api-openai-responses/pass-global-variables-to-your-flows-in-headers.py:17 · flow /tmp/closeopen-uhn6nk5u/repo/docs/docs/API-Reference/python-examples/api-openai-responses/pass-global-variables-to-your-flows-in-headers.py:5 → /tmp/closeopen-uhn6nk5u/repo/docs/docs/API-Reference/python-examples/api-openai-responses/pass-global-variables-to-your-flows-in-headers.py:17
response = requests.request("POST", url, headers=headers, json=payload)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #3fc4dabfcd6f7ebb User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/docs/API-Reference/python-examples/api-openai-responses/retrieve-tool-call-results.py:23 · flow /tmp/closeopen-uhn6nk5u/repo/docs/docs/API-Reference/python-examples/api-openai-responses/retrieve-tool-call-results.py:5 → /tmp/closeopen-uhn6nk5u/repo/docs/docs/API-Reference/python-examples/api-openai-responses/retrieve-tool-call-results.py:23
response = requests.post(url, headers=headers, json=payload, timeout=120)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #5ae9b2a47789c9fc User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/docs/API-Reference/python-examples/api-openai-responses/token-usage-tracking.py:14 · flow /tmp/closeopen-uhn6nk5u/repo/docs/docs/API-Reference/python-examples/api-openai-responses/token-usage-tracking.py:5 → /tmp/closeopen-uhn6nk5u/repo/docs/docs/API-Reference/python-examples/api-openai-responses/token-usage-tracking.py:14
response = requests.request("POST", url, headers=headers, json=payload)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #f6f242276cc38e7e User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/docs/API-Reference/python-examples/api-projects/create-project-2.py:20 · flow /tmp/closeopen-uhn6nk5u/repo/docs/docs/API-Reference/python-examples/api-projects/create-project-2.py:5 → /tmp/closeopen-uhn6nk5u/repo/docs/docs/API-Reference/python-examples/api-projects/create-project-2.py:20
response = requests.request("POST", url, headers=headers, json=payload)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #fc745b4d08cd3c1b User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/docs/API-Reference/python-examples/api-projects/create-project.py:14 · flow /tmp/closeopen-uhn6nk5u/repo/docs/docs/API-Reference/python-examples/api-projects/create-project.py:5 → /tmp/closeopen-uhn6nk5u/repo/docs/docs/API-Reference/python-examples/api-projects/create-project.py:14
response = requests.request("POST", url, headers=headers, json=payload)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #c0bac5d917802a28 User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/docs/API-Reference/python-examples/api-projects/delete-project.py:10 · flow /tmp/closeopen-uhn6nk5u/repo/docs/docs/API-Reference/python-examples/api-projects/delete-project.py:5 → /tmp/closeopen-uhn6nk5u/repo/docs/docs/API-Reference/python-examples/api-projects/delete-project.py:10
create = requests.post(
    f"{base}/api/v1/projects/",
    headers=headers,
    json={
        "name": "docs-example-delete-me",
        "description": "Temporary project",
        "components_list": [],
        "flows_list": [],
    },
    timeout=30,
)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #fbcf14c7bfb11aeb User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/docs/API-Reference/python-examples/api-projects/delete-project.py:24 · flow /tmp/closeopen-uhn6nk5u/repo/docs/docs/API-Reference/python-examples/api-projects/delete-project.py:5 → /tmp/closeopen-uhn6nk5u/repo/docs/docs/API-Reference/python-examples/api-projects/delete-project.py:24
delete = requests.delete(f"{base}/api/v1/projects/{project_id}", headers=headers, timeout=30)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #c71356251ec0d2db User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/docs/API-Reference/python-examples/api-projects/export-a-project.py:12 · flow /tmp/closeopen-uhn6nk5u/repo/docs/docs/API-Reference/python-examples/api-projects/export-a-project.py:5 → /tmp/closeopen-uhn6nk5u/repo/docs/docs/API-Reference/python-examples/api-projects/export-a-project.py:12
response = requests.request("GET", url, headers=headers)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #ec31ccfe75887408 User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/docs/API-Reference/python-examples/api-projects/import-a-project.py:16 · flow /tmp/closeopen-uhn6nk5u/repo/docs/docs/API-Reference/python-examples/api-projects/import-a-project.py:6 → /tmp/closeopen-uhn6nk5u/repo/docs/docs/API-Reference/python-examples/api-projects/import-a-project.py:16
response = requests.post(f"{base}/api/v1/projects/upload/", headers=headers, files=files, timeout=60)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #2d2d98b7f7226048 User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/docs/API-Reference/python-examples/api-projects/read-project.py:12 · flow /tmp/closeopen-uhn6nk5u/repo/docs/docs/API-Reference/python-examples/api-projects/read-project.py:5 → /tmp/closeopen-uhn6nk5u/repo/docs/docs/API-Reference/python-examples/api-projects/read-project.py:12
response = requests.request("GET", url, headers=headers)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #16639a12f9aee800 User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/docs/API-Reference/python-examples/api-projects/read-projects.py:12 · flow /tmp/closeopen-uhn6nk5u/repo/docs/docs/API-Reference/python-examples/api-projects/read-projects.py:5 → /tmp/closeopen-uhn6nk5u/repo/docs/docs/API-Reference/python-examples/api-projects/read-projects.py:12
response = requests.request("GET", url, headers=headers)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #b55b304a8fc7c7d1 User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/docs/API-Reference/python-examples/api-projects/update-project.py:17 · flow /tmp/closeopen-uhn6nk5u/repo/docs/docs/API-Reference/python-examples/api-projects/update-project.py:6 → /tmp/closeopen-uhn6nk5u/repo/docs/docs/API-Reference/python-examples/api-projects/update-project.py:17
response = requests.patch(f"{base}/api/v1/projects/{project_id}", headers=headers, json=payload, timeout=30)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #f0211f4f16e3d73b User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/docs/API-Reference/python-examples/api-reference-api-examples/form-langflow-api-requests.py:22 · flow /tmp/closeopen-uhn6nk5u/repo/docs/docs/API-Reference/python-examples/api-reference-api-examples/form-langflow-api-requests.py:5 → /tmp/closeopen-uhn6nk5u/repo/docs/docs/API-Reference/python-examples/api-reference-api-examples/form-langflow-api-requests.py:22
response = requests.post(url, headers=headers, json=payload, timeout=60)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #73a61e3e4adbc42b User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/docs/API-Reference/python-examples/api-reference-api-examples/get-all-components.py:12 · flow /tmp/closeopen-uhn6nk5u/repo/docs/docs/API-Reference/python-examples/api-reference-api-examples/get-all-components.py:5 → /tmp/closeopen-uhn6nk5u/repo/docs/docs/API-Reference/python-examples/api-reference-api-examples/get-all-components.py:12
response = requests.request("GET", url, headers=headers)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #140c79aa7863117e User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/docs/API-Reference/python-examples/api-reference-api-examples/get-configuration.py:12 · flow /tmp/closeopen-uhn6nk5u/repo/docs/docs/API-Reference/python-examples/api-reference-api-examples/get-configuration.py:5 → /tmp/closeopen-uhn6nk5u/repo/docs/docs/API-Reference/python-examples/api-reference-api-examples/get-configuration.py:12
response = requests.request("GET", url, headers=headers)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #7f2ab90127e82b83 User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/docs/API-Reference/python-examples/api-reference-api-examples/get-version.py:11 · flow /tmp/closeopen-uhn6nk5u/repo/docs/docs/API-Reference/python-examples/api-reference-api-examples/get-version.py:5 → /tmp/closeopen-uhn6nk5u/repo/docs/docs/API-Reference/python-examples/api-reference-api-examples/get-version.py:11
response = requests.request("GET", url, headers=headers)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #908ec243a61f6e02 User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/docs/API-Reference/python-examples/api-reference-api-examples/health-check.py:11 · flow /tmp/closeopen-uhn6nk5u/repo/docs/docs/API-Reference/python-examples/api-reference-api-examples/health-check.py:5 → /tmp/closeopen-uhn6nk5u/repo/docs/docs/API-Reference/python-examples/api-reference-api-examples/health-check.py:11
response = requests.request("GET", url, headers=headers)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #43ca16ac88cc8336 User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/docs/API-Reference/python-examples/api-users/add-user.py:16 · flow /tmp/closeopen-uhn6nk5u/repo/docs/docs/API-Reference/python-examples/api-users/add-user.py:6 → /tmp/closeopen-uhn6nk5u/repo/docs/docs/API-Reference/python-examples/api-users/add-user.py:16
response = requests.post(f"{base}/api/v1/users/", headers=headers, json=payload, timeout=30)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #92ea93ce3ca30819 User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/docs/API-Reference/python-examples/api-users/delete-user.py:11 · flow /tmp/closeopen-uhn6nk5u/repo/docs/docs/API-Reference/python-examples/api-users/delete-user.py:6 → /tmp/closeopen-uhn6nk5u/repo/docs/docs/API-Reference/python-examples/api-users/delete-user.py:11
create = requests.post(
    f"{base}/api/v1/users/",
    headers=headers,
    json={"username": f"docsdel_{uuid.uuid4().hex[:12]}", "password": "securepassword123"},
    timeout=30,
)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #e4ce2b88a27b45b2 User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/docs/API-Reference/python-examples/api-users/delete-user.py:20 · flow /tmp/closeopen-uhn6nk5u/repo/docs/docs/API-Reference/python-examples/api-users/delete-user.py:6 → /tmp/closeopen-uhn6nk5u/repo/docs/docs/API-Reference/python-examples/api-users/delete-user.py:20
delete = requests.delete(f"{base}/api/v1/users/{user_id}", headers=headers, timeout=30)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #cf3d601f8eee2fac User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/docs/API-Reference/python-examples/api-users/get-current-user.py:12 · flow /tmp/closeopen-uhn6nk5u/repo/docs/docs/API-Reference/python-examples/api-users/get-current-user.py:5 → /tmp/closeopen-uhn6nk5u/repo/docs/docs/API-Reference/python-examples/api-users/get-current-user.py:12
response = requests.request("GET", url, headers=headers)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #28e7ac292fc1601a User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/docs/API-Reference/python-examples/api-users/list-all-users.py:12 · flow /tmp/closeopen-uhn6nk5u/repo/docs/docs/API-Reference/python-examples/api-users/list-all-users.py:5 → /tmp/closeopen-uhn6nk5u/repo/docs/docs/API-Reference/python-examples/api-users/list-all-users.py:12
response = requests.request("GET", url, headers=headers)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #fe7b448017dfe0bf User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/docs/API-Reference/python-examples/api-users/reset-password.py:10 · flow /tmp/closeopen-uhn6nk5u/repo/docs/docs/API-Reference/python-examples/api-users/reset-password.py:5 → /tmp/closeopen-uhn6nk5u/repo/docs/docs/API-Reference/python-examples/api-users/reset-password.py:10
who = requests.get(f"{base}/api/v1/users/whoami", headers=headers, timeout=30)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #4994167702be3698 User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/docs/API-Reference/python-examples/api-users/reset-password.py:17 · flow /tmp/closeopen-uhn6nk5u/repo/docs/docs/API-Reference/python-examples/api-users/reset-password.py:5 → /tmp/closeopen-uhn6nk5u/repo/docs/docs/API-Reference/python-examples/api-users/reset-password.py:17
response = requests.patch(
    f"{base}/api/v1/users/{user_id}/reset-password",
    headers=headers,
    json=payload,
    timeout=30,
)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #a3805ec266c38772 User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/docs/API-Reference/python-examples/api-users/update-user.py:10 · flow /tmp/closeopen-uhn6nk5u/repo/docs/docs/API-Reference/python-examples/api-users/update-user.py:5 → /tmp/closeopen-uhn6nk5u/repo/docs/docs/API-Reference/python-examples/api-users/update-user.py:10
who = requests.get(f"{base}/api/v1/users/whoami", headers=headers, timeout=30)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #6f7e468a60138815 User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/docs/API-Reference/python-examples/api-users/update-user.py:16 · flow /tmp/closeopen-uhn6nk5u/repo/docs/docs/API-Reference/python-examples/api-users/update-user.py:5 → /tmp/closeopen-uhn6nk5u/repo/docs/docs/API-Reference/python-examples/api-users/update-user.py:16
response = requests.patch(f"{base}/api/v1/users/{user_id}", headers=headers, json=payload, timeout=30)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #e110f8be779a38ad User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/docs/API-Reference/python-examples/workflows-api/example-asynchronous-request.py:18 · flow /tmp/closeopen-uhn6nk5u/repo/docs/docs/API-Reference/python-examples/workflows-api/example-asynchronous-request.py:5 → /tmp/closeopen-uhn6nk5u/repo/docs/docs/API-Reference/python-examples/workflows-api/example-asynchronous-request.py:18
response = requests.post(f"{base}/api/v2/workflows", headers=headers, json=payload, timeout=60)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #9afabb48f0b98ed2 User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/docs/API-Reference/python-examples/workflows-api/example-request-2.py:11 · flow /tmp/closeopen-uhn6nk5u/repo/docs/docs/API-Reference/python-examples/workflows-api/example-request-2.py:5 → /tmp/closeopen-uhn6nk5u/repo/docs/docs/API-Reference/python-examples/workflows-api/example-request-2.py:11
start = requests.post(
    f"{base}/api/v2/workflows",
    headers=headers,
    json={"flow_id": flow_id, "background": True, "stream": False, "inputs": {}},
    timeout=60,
)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #ed7ff65e782217b5 User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/docs/API-Reference/python-examples/workflows-api/example-request-2.py:20 · flow /tmp/closeopen-uhn6nk5u/repo/docs/docs/API-Reference/python-examples/workflows-api/example-request-2.py:5 → /tmp/closeopen-uhn6nk5u/repo/docs/docs/API-Reference/python-examples/workflows-api/example-request-2.py:20
stop = requests.post(
    f"{base}/api/v2/workflows/stop",
    headers=headers,
    json={"job_id": job_id},
    timeout=60,
)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #80fd6fcd40574ed4 User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/docs/API-Reference/python-examples/workflows-api/example-request.py:11 · flow /tmp/closeopen-uhn6nk5u/repo/docs/docs/API-Reference/python-examples/workflows-api/example-request.py:5 → /tmp/closeopen-uhn6nk5u/repo/docs/docs/API-Reference/python-examples/workflows-api/example-request.py:11
start = requests.post(
    f"{base}/api/v2/workflows",
    headers=headers,
    json={"flow_id": flow_id, "background": True, "stream": False, "inputs": {}},
    timeout=60,
)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #4516e3ead8195fe7 User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/docs/API-Reference/python-examples/workflows-api/example-synchronous-request.py:22 · flow /tmp/closeopen-uhn6nk5u/repo/docs/docs/API-Reference/python-examples/workflows-api/example-synchronous-request.py:5 → /tmp/closeopen-uhn6nk5u/repo/docs/docs/API-Reference/python-examples/workflows-api/example-synchronous-request.py:22
response = requests.post(f"{base}/api/v2/workflows", headers=headers, json=payload, timeout=120)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #3496c384d06c93e2 User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-build/build-flow-and-stream-events-2.py:12 · flow /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-build/build-flow-and-stream-events-2.py:5 → /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-build/build-flow-and-stream-events-2.py:12
response = requests.request("GET", url, headers=headers)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #220b1492aefab4d9 User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-build/build-flow-and-stream-events-3.py:15 · flow /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-build/build-flow-and-stream-events-3.py:5 → /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-build/build-flow-and-stream-events-3.py:15
response = requests.get(url, headers=headers, timeout=60)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #d82a04a70c9c8538 User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-build/build-flow-and-stream-events.py:15 · flow /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-build/build-flow-and-stream-events.py:5 → /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-build/build-flow-and-stream-events.py:15
response = requests.request("POST", url, headers=headers, json=payload)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #9a84a5b548cfc63c User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-build/override-flow-parameters.py:18 · flow /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-build/override-flow-parameters.py:5 → /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-build/override-flow-parameters.py:18
response = requests.request("POST", url, headers=headers, json=payload)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #591b51a8c3d58716 User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-build/set-start-and-stop-points.py:15 · flow /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-build/set-start-and-stop-points.py:5 → /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-build/set-start-and-stop-points.py:15
response = requests.request("POST", url, headers=headers, json=payload)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #cfc0862ea7cc74cf User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-files/delete-all-files-v2.py:12 · flow /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-files/delete-all-files-v2.py:5 → /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-files/delete-all-files-v2.py:12
response = requests.request("DELETE", url, headers=headers)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #2477591fe0d9cf7d User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-files/delete-file-v1.py:14 · flow /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-files/delete-file-v1.py:6 → /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-files/delete-file-v1.py:14
response = requests.request("DELETE", url, headers=headers)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #4dbe373f6a1490f7 User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-files/delete-file-v2.py:12 · flow /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-files/delete-file-v2.py:5 → /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-files/delete-file-v2.py:12
response = requests.request("DELETE", url, headers=headers)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #ee1049006b4133fb User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-files/download-file-v1.py:16 · flow /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-files/download-file-v1.py:7 → /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-files/download-file-v1.py:16
upload = requests.post(
    f"{base}/api/v1/files/upload/{flow_id}",
    headers=headers,
    files={"file": (upload_path.name, upload_path.read_bytes(), "text/plain")},
    timeout=30,
)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #e217245c70616ca9 User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-files/download-file-v1.py:26 · flow /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-files/download-file-v1.py:7 → /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-files/download-file-v1.py:26
download = requests.get(
    f"{base}/api/v1/files/download/{flow_id}/{file_name}",
    headers=headers,
    timeout=30,
)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #3489f33c9484d9ee User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-files/download-file-v2.py:15 · flow /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-files/download-file-v2.py:7 → /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-files/download-file-v2.py:15
upload = requests.post(
    f"{base}/api/v2/files",
    headers=headers,
    files={"file": (upload_path.name, upload_path.read_bytes(), "text/plain")},
    timeout=30,
)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #35583fcbc5a2548a User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-files/download-file-v2.py:24 · flow /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-files/download-file-v2.py:7 → /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-files/download-file-v2.py:24
download = requests.get(
    f"{base}/api/v2/files/{file_id}",
    headers=headers,
    timeout=30,
)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #5204ecdd3623ca98 User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-files/edit-file-name-v2.py:16 · flow /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-files/edit-file-name-v2.py:8 → /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-files/edit-file-name-v2.py:16
upload = requests.post(
    f"{base}/api/v2/files",
    headers=headers,
    files={"file": (upload_path.name, upload_path.read_bytes(), "text/plain")},
    timeout=30,
)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #5f950d3864e10520 User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-files/edit-file-name-v2.py:28 · flow /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-files/edit-file-name-v2.py:8 → /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-files/edit-file-name-v2.py:28
response = requests.put(url, headers=headers, timeout=30)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #e52695e4f8453df5 User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-files/list-files-v1.py:12 · flow /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-files/list-files-v1.py:5 → /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-files/list-files-v1.py:12
response = requests.request("GET", url, headers=headers)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #0589245442051ef4 User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-files/list-files-v2.py:12 · flow /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-files/list-files-v2.py:5 → /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-files/list-files-v2.py:12
response = requests.request("GET", url, headers=headers)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #997d225e5cccb7cf User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-files/send-files-to-your-flows-v2-2.py:21 · flow /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-files/send-files-to-your-flows-v2-2.py:5 → /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-files/send-files-to-your-flows-v2-2.py:21
response = requests.request("POST", url, headers=headers, json=payload)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #d4e4d9b625a6defb User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-files/send-files-to-your-flows-v2.py:16 · flow /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-files/send-files-to-your-flows-v2.py:5 → /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-files/send-files-to-your-flows-v2.py:16
response = requests.request("POST", url, headers=headers, files=files)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #e9a3c08bc84b5b3b User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-files/upload-file-v1.py:16 · flow /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-files/upload-file-v1.py:5 → /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-files/upload-file-v1.py:16
response = requests.request("POST", url, headers=headers, files=files)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #18c05f31786d7c73 User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-files/upload-file-v2-2.py:16 · flow /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-files/upload-file-v2-2.py:5 → /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-files/upload-file-v2-2.py:16
response = requests.request("POST", url, headers=headers, files=files)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #84f227ff3f90147f User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-files/upload-file-v2.py:12 · flow /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-files/upload-file-v2.py:5 → /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-files/upload-file-v2.py:12
response = requests.request("GET", url, headers=headers)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #7420c0dad36b0741 User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-files/upload-image-files-v1-2.py:16 · flow /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-files/upload-image-files-v1-2.py:7 → /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-files/upload-image-files-v1-2.py:16
upload = requests.post(
    f"{base}/api/v1/files/upload/{flow_id}",
    headers=headers,
    files={"file": (image_path.name, image_path.read_bytes(), "image/png")},
    timeout=30,
)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #40957e2c46143bb8 User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-files/upload-image-files-v1-2.py:24 · flow /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-files/upload-image-files-v1-2.py:7 → /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-files/upload-image-files-v1-2.py:24
listed = requests.get(f"{base}/api/v1/files/list/{flow_id}", headers=headers, timeout=30)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #d55b657b8a769402 User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-files/upload-image-files-v1.py:15 · flow /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-files/upload-image-files-v1.py:5 → /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-files/upload-image-files-v1.py:15
response = requests.request("POST", url, headers=headers, files=files)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #94b3646dc260b427 User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-flows-run/pass-global-variables-in-request-headers.py:22 · flow /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-flows-run/pass-global-variables-in-request-headers.py:5 → /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-flows-run/pass-global-variables-in-request-headers.py:22
response = requests.post(f"{base}/api/v1/run/{flow_id}", headers=headers, json=payload, timeout=60)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #3dd0f22cf1b8dec2 User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-flows-run/request-example-with-all-headers-and-parameters.py:23 · flow /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-flows-run/request-example-with-all-headers-and-parameters.py:5 → /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-flows-run/request-example-with-all-headers-and-parameters.py:23
response = requests.post(
    f"{base}/api/v1/run/{flow_id}?stream=false",
    headers=headers,
    json=payload,
    timeout=60,
)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #0d8abb78840480eb User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-flows-run/run-flow.py:24 · flow /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-flows-run/run-flow.py:5 → /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-flows-run/run-flow.py:24
response = requests.post(url, headers=headers, json=payload, timeout=60)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #3f33a9db13101dc5 User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-flows-run/stream-llm-token-responses.py:15 · flow /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-flows-run/stream-llm-token-responses.py:5 → /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-flows-run/stream-llm-token-responses.py:15
response = requests.request("POST", url, headers=headers, json=payload)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #db8b057d1c27c8ac User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-flows-run/webhook-run-flow.py:16 · flow /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-flows-run/webhook-run-flow.py:5 → /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-flows-run/webhook-run-flow.py:16
response = requests.post(
    f"{base}/api/v1/webhook/{flow_id}",
    headers=headers,
    json=payload,
    timeout=60,
)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #33f8cce559dbc0b4 User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-flows/create-flow.py:27 · flow /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-flows/create-flow.py:5 → /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-flows/create-flow.py:27
response = requests.request("POST", url, headers=headers, json=payload)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #d19a4e92a8f0c7ba User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-flows/create-flows.py:26 · flow /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-flows/create-flows.py:6 → /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-flows/create-flows.py:26
response = requests.post(f"{base}/api/v1/flows/batch/", headers=headers, json=payload, timeout=30)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #3d1fc216cc721822 User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-flows/delete-flow.py:10 · flow /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-flows/delete-flow.py:5 → /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-flows/delete-flow.py:10
create = requests.post(
    f"{base}/api/v1/flows/",
    headers=headers,
    json={
        "name": "docs-example-delete-me",
        "description": "Temporary flow for delete-flow example",
        "data": {"nodes": [], "edges": []},
    },
    timeout=30,
)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #67ee1a570edd0594 User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-flows/delete-flow.py:23 · flow /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-flows/delete-flow.py:5 → /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-flows/delete-flow.py:23
delete = requests.delete(f"{base}/api/v1/flows/{flow_id}", headers=headers, timeout=30)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #ef46419e3c36bc3e User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-flows/export-flows.py:17 · flow /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-flows/export-flows.py:5 → /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-flows/export-flows.py:17
extra = requests.post(
    f"{base}/api/v1/flows/",
    headers=headers,
    json={
        "name": "docs-export-temp-flow",
        "description": "Temporary second flow for export example",
        "data": {"nodes": [], "edges": []},
        **({"folder_id": folder_id} if folder_id else {}),
    },
    timeout=30,
)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #b6e5f654eee7be75 User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-flows/export-flows.py:33 · flow /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-flows/export-flows.py:5 → /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-flows/export-flows.py:33
response = requests.post(f"{base}/api/v1/flows/download/", headers=headers, json=payload, timeout=60)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #a795e5951159239c User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-flows/export-flows.py:40 · flow /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-flows/export-flows.py:5 → /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-flows/export-flows.py:40
requests.delete(f"{base}/api/v1/flows/{extra_id}", headers=headers, timeout=30)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #ea7f2a48a282b143 User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-flows/import-flows.py:16 · flow /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-flows/import-flows.py:5 → /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-flows/import-flows.py:16
response = requests.request("POST", url, headers=headers, files=files)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #ed643685771307cb User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-flows/read-flow.py:12 · flow /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-flows/read-flow.py:5 → /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-flows/read-flow.py:12
response = requests.request("GET", url, headers=headers)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #95e077002893643a User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-flows/read-flows-2.py:12 · flow /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-flows/read-flows-2.py:5 → /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-flows/read-flows-2.py:12
response = requests.request("GET", url, headers=headers)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #d5815c3ec94c2358 User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-flows/read-flows.py:12 · flow /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-flows/read-flows.py:5 → /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-flows/read-flows.py:12
response = requests.request("GET", url, headers=headers)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #54e5108b67564416 User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-flows/read-sample-flows.py:12 · flow /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-flows/read-sample-flows.py:5 → /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-flows/read-sample-flows.py:12
response = requests.request("GET", url, headers=headers)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #35253ef3ac7e2f9a User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-flows/update-flow.py:18 · flow /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-flows/update-flow.py:6 → /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-flows/update-flow.py:18
response = requests.patch(f"{base}/api/v1/flows/{flow_id}", headers=headers, json=payload, timeout=30)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #ac71d908f61084ac User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-logs/retrieve-logs-with-optional-parameters.py:12 · flow /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-logs/retrieve-logs-with-optional-parameters.py:5 → /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-logs/retrieve-logs-with-optional-parameters.py:12
response = requests.request("GET", url, headers=headers)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #09ec0e31fe818909 User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-logs/stream-logs.py:13 · flow /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-logs/stream-logs.py:5 → /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-logs/stream-logs.py:13
response = requests.get(url, headers=headers, stream=True, timeout=30)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #49dce343f81abee1 User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-monitor/delete-messages-by-session.py:12 · flow /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-monitor/delete-messages-by-session.py:5 → /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-monitor/delete-messages-by-session.py:12
response = requests.request("DELETE", url, headers=headers)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #d77cbe4d3345e2b6 User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-monitor/delete-messages.py:12 · flow /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-monitor/delete-messages.py:6 → /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-monitor/delete-messages.py:12
list_resp = requests.get(
    f"{base}/api/v1/monitor/messages",
    headers=headers,
    params={"flow_id": flow_id},
    timeout=30,
)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #33a907d208c86c40 User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-monitor/delete-messages.py:27 · flow /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-monitor/delete-messages.py:6 → /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-monitor/delete-messages.py:27
response = requests.delete(f"{base}/api/v1/monitor/messages", headers=headers, params=params, timeout=30)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #b8c1fba15356dd4f User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-monitor/delete-vertex-builds.py:12 · flow /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-monitor/delete-vertex-builds.py:5 → /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-monitor/delete-vertex-builds.py:12
response = requests.request("DELETE", url, headers=headers)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #e91230caa150745f User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-monitor/example-request.py:9 · flow /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-monitor/example-request.py:5 → /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-monitor/example-request.py:9
response = requests.get(
    f"{base_url}/api/v1/monitor/traces",
    params={"flow_id": flow_id, "page": 1, "size": 50},
    headers={"x-api-key": api_key, "accept": "application/json"},
    timeout=30,
)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #fcef76f1f1c9f02f User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-monitor/get-messages-2.py:12 · flow /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-monitor/get-messages-2.py:5 → /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-monitor/get-messages-2.py:12
response = requests.request("GET", url, headers=headers)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #bc1a8d09f3604d35 User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-monitor/get-messages.py:12 · flow /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-monitor/get-messages.py:5 → /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-monitor/get-messages.py:12
response = requests.request("GET", url, headers=headers)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #09b547b03696b5f2 User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-monitor/get-transactions.py:12 · flow /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-monitor/get-transactions.py:5 → /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-monitor/get-transactions.py:12
response = requests.request("GET", url, headers=headers)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #d0d601618d702a61 User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-monitor/get-vertex-builds.py:12 · flow /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-monitor/get-vertex-builds.py:5 → /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-monitor/get-vertex-builds.py:12
response = requests.request("GET", url, headers=headers)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #910dd43c8cfb2f97 User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-monitor/update-message.py:11 · flow /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-monitor/update-message.py:5 → /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-monitor/update-message.py:11
list_resp = requests.get(
    f"{base}/api/v1/monitor/messages",
    headers=headers,
    params={"flow_id": flow_id},
    timeout=30,
)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #a38d87e53ead9740 User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-monitor/update-message.py:26 · flow /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-monitor/update-message.py:5 → /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-monitor/update-message.py:26
response = requests.put(
    f"{base}/api/v1/monitor/messages/{message_id}",
    headers=headers,
    json=payload,
    timeout=30,
)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #b56305d60c446951 User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-monitor/update-session-id.py:11 · flow /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-monitor/update-session-id.py:5 → /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-monitor/update-session-id.py:11
list_resp = requests.get(
    f"{base}/api/v1/monitor/messages",
    headers=headers,
    params={"flow_id": flow_id},
    timeout=30,
)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #7b5cd3a76d46bd86 User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-monitor/update-session-id.py:26 · flow /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-monitor/update-session-id.py:5 → /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-monitor/update-session-id.py:26
response = requests.patch(
    f"{base}/api/v1/monitor/messages/session/{old_session_id}",
    headers=headers,
    params={"new_session_id": new_session_id},
    timeout=30,
)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #76a58fb07bd8bcbe User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-openai-responses/continue-conversations-with-response-and-session-ids-2.py:26 · flow /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-openai-responses/continue-conversations-with-response-and-session-ids-2.py:9 → /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-openai-responses/continue-conversations-with-response-and-session-ids-2.py:26
response = requests.post(url, headers=headers, json=payload, timeout=120)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #7944a1d9bfc2a3b8 User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-openai-responses/continue-conversations-with-response-and-session-ids-3.py:25 · flow /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-openai-responses/continue-conversations-with-response-and-session-ids-3.py:8 → /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-openai-responses/continue-conversations-with-response-and-session-ids-3.py:25
response = requests.post(url, headers=headers, json=payload, timeout=120)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #3b4e819c8ffd476f User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-openai-responses/continue-conversations-with-response-and-session-ids.py:22 · flow /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-openai-responses/continue-conversations-with-response-and-session-ids.py:5 → /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-openai-responses/continue-conversations-with-response-and-session-ids.py:22
response = requests.post(url, headers=headers, json=payload, timeout=120)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #84af7fb3e3588c40 User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-openai-responses/example-request.py:14 · flow /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-openai-responses/example-request.py:5 → /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-openai-responses/example-request.py:14
response = requests.request("POST", url, headers=headers, json=payload)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #160466dfc915704a User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-openai-responses/example-streaming-request.py:14 · flow /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-openai-responses/example-streaming-request.py:5 → /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-openai-responses/example-streaming-request.py:14
response = requests.request("POST", url, headers=headers, json=payload)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #203cb9d58d8c6e4d User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-openai-responses/pass-global-variables-to-your-flows-in-headers.py:17 · flow /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-openai-responses/pass-global-variables-to-your-flows-in-headers.py:5 → /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-openai-responses/pass-global-variables-to-your-flows-in-headers.py:17
response = requests.request("POST", url, headers=headers, json=payload)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #848db6df213d44c5 User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-openai-responses/retrieve-tool-call-results.py:23 · flow /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-openai-responses/retrieve-tool-call-results.py:5 → /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-openai-responses/retrieve-tool-call-results.py:23
response = requests.post(url, headers=headers, json=payload, timeout=120)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #e6be765e04e831c0 User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-openai-responses/token-usage-tracking.py:14 · flow /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-openai-responses/token-usage-tracking.py:5 → /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-openai-responses/token-usage-tracking.py:14
response = requests.request("POST", url, headers=headers, json=payload)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #5e8612d6c6f5de7f User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-projects/create-project-2.py:20 · flow /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-projects/create-project-2.py:5 → /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-projects/create-project-2.py:20
response = requests.request("POST", url, headers=headers, json=payload)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #54c2dee8c8a56c3b User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-projects/create-project.py:14 · flow /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-projects/create-project.py:5 → /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-projects/create-project.py:14
response = requests.request("POST", url, headers=headers, json=payload)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #a92e819d4f673dea User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-projects/delete-project.py:10 · flow /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-projects/delete-project.py:5 → /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-projects/delete-project.py:10
create = requests.post(
    f"{base}/api/v1/projects/",
    headers=headers,
    json={
        "name": "docs-example-delete-me",
        "description": "Temporary project",
        "components_list": [],
        "flows_list": [],
    },
    timeout=30,
)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #394a76df452221ce User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-projects/delete-project.py:24 · flow /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-projects/delete-project.py:5 → /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-projects/delete-project.py:24
delete = requests.delete(f"{base}/api/v1/projects/{project_id}", headers=headers, timeout=30)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #7fff96c84d87f53d User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-projects/export-a-project.py:12 · flow /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-projects/export-a-project.py:5 → /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-projects/export-a-project.py:12
response = requests.request("GET", url, headers=headers)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #3a5c6f205befda62 User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-projects/import-a-project.py:16 · flow /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-projects/import-a-project.py:6 → /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-projects/import-a-project.py:16
response = requests.post(f"{base}/api/v1/projects/upload/", headers=headers, files=files, timeout=60)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #031ca1d37866990c User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-projects/read-project.py:12 · flow /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-projects/read-project.py:5 → /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-projects/read-project.py:12
response = requests.request("GET", url, headers=headers)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #f27b2a023bb10c59 User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-projects/read-projects.py:12 · flow /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-projects/read-projects.py:5 → /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-projects/read-projects.py:12
response = requests.request("GET", url, headers=headers)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #6b976be307d1672b User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-projects/update-project.py:17 · flow /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-projects/update-project.py:6 → /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-projects/update-project.py:17
response = requests.patch(f"{base}/api/v1/projects/{project_id}", headers=headers, json=payload, timeout=30)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #bd3c737e391c155f User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-reference-api-examples/form-langflow-api-requests.py:22 · flow /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-reference-api-examples/form-langflow-api-requests.py:5 → /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-reference-api-examples/form-langflow-api-requests.py:22
response = requests.post(url, headers=headers, json=payload, timeout=60)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #a06d4c32d4fd7a6e User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-reference-api-examples/get-all-components.py:12 · flow /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-reference-api-examples/get-all-components.py:5 → /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-reference-api-examples/get-all-components.py:12
response = requests.request("GET", url, headers=headers)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #2be4cb42cc7f8e99 User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-reference-api-examples/get-configuration.py:12 · flow /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-reference-api-examples/get-configuration.py:5 → /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-reference-api-examples/get-configuration.py:12
response = requests.request("GET", url, headers=headers)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #4a03ec1c39026147 User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-reference-api-examples/get-version.py:11 · flow /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-reference-api-examples/get-version.py:5 → /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-reference-api-examples/get-version.py:11
response = requests.request("GET", url, headers=headers)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #07b5e558207b9661 User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-reference-api-examples/health-check.py:11 · flow /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-reference-api-examples/health-check.py:5 → /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-reference-api-examples/health-check.py:11
response = requests.request("GET", url, headers=headers)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #7b9fb7017bf996be User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-users/add-user.py:16 · flow /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-users/add-user.py:6 → /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-users/add-user.py:16
response = requests.post(f"{base}/api/v1/users/", headers=headers, json=payload, timeout=30)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #a2d42f06e329ccfc User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-users/delete-user.py:11 · flow /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-users/delete-user.py:6 → /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-users/delete-user.py:11
create = requests.post(
    f"{base}/api/v1/users/",
    headers=headers,
    json={"username": f"docsdel_{uuid.uuid4().hex[:12]}", "password": "securepassword123"},
    timeout=30,
)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #97091941567d28f7 User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-users/delete-user.py:20 · flow /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-users/delete-user.py:6 → /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-users/delete-user.py:20
delete = requests.delete(f"{base}/api/v1/users/{user_id}", headers=headers, timeout=30)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #c66eebc5c82e50b9 User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-users/get-current-user.py:12 · flow /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-users/get-current-user.py:5 → /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-users/get-current-user.py:12
response = requests.request("GET", url, headers=headers)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #0a28f308a0484a17 User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-users/list-all-users.py:12 · flow /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-users/list-all-users.py:5 → /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-users/list-all-users.py:12
response = requests.request("GET", url, headers=headers)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #0ec17920f3b3fd95 User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-users/reset-password.py:10 · flow /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-users/reset-password.py:5 → /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-users/reset-password.py:10
who = requests.get(f"{base}/api/v1/users/whoami", headers=headers, timeout=30)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #3b8b541459615a79 User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-users/reset-password.py:17 · flow /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-users/reset-password.py:5 → /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-users/reset-password.py:17
response = requests.patch(
    f"{base}/api/v1/users/{user_id}/reset-password",
    headers=headers,
    json=payload,
    timeout=30,
)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #b83a3a676eb14c0f User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-users/update-user.py:10 · flow /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-users/update-user.py:5 → /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-users/update-user.py:10
who = requests.get(f"{base}/api/v1/users/whoami", headers=headers, timeout=30)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #00de6cf7b4432e5b User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-users/update-user.py:16 · flow /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-users/update-user.py:5 → /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-users/update-user.py:16
response = requests.patch(f"{base}/api/v1/users/{user_id}", headers=headers, json=payload, timeout=30)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #ad3a4d857c44155b User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/workflows-api/example-asynchronous-request.py:18 · flow /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/workflows-api/example-asynchronous-request.py:5 → /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/workflows-api/example-asynchronous-request.py:18
response = requests.post(f"{base}/api/v2/workflows", headers=headers, json=payload, timeout=60)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #e9c1eaeb6f769790 User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/workflows-api/example-request-2.py:11 · flow /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/workflows-api/example-request-2.py:5 → /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/workflows-api/example-request-2.py:11
start = requests.post(
    f"{base}/api/v2/workflows",
    headers=headers,
    json={"flow_id": flow_id, "background": True, "stream": False, "inputs": {}},
    timeout=60,
)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #eddbca373c8290a9 User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/workflows-api/example-request-2.py:20 · flow /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/workflows-api/example-request-2.py:5 → /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/workflows-api/example-request-2.py:20
stop = requests.post(
    f"{base}/api/v2/workflows/stop",
    headers=headers,
    json={"job_id": job_id},
    timeout=60,
)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #bee59e578e74cb86 User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/workflows-api/example-request.py:11 · flow /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/workflows-api/example-request.py:5 → /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/workflows-api/example-request.py:11
start = requests.post(
    f"{base}/api/v2/workflows",
    headers=headers,
    json={"flow_id": flow_id, "background": True, "stream": False, "inputs": {}},
    timeout=60,
)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #c77527a90ecdca45 User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/workflows-api/example-synchronous-request.py:22 · flow /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/workflows-api/example-synchronous-request.py:5 → /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/workflows-api/example-synchronous-request.py:22
response = requests.post(f"{base}/api/v2/workflows", headers=headers, json=payload, timeout=120)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #8402f3caf9de9266 User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-build/build-flow-and-stream-events-2.py:12 · flow /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-build/build-flow-and-stream-events-2.py:5 → /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-build/build-flow-and-stream-events-2.py:12
response = requests.request("GET", url, headers=headers)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #4a9c8edad35bb000 User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-build/build-flow-and-stream-events-3.py:15 · flow /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-build/build-flow-and-stream-events-3.py:5 → /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-build/build-flow-and-stream-events-3.py:15
response = requests.get(url, headers=headers, timeout=60)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #92c2a36195b40d3a User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-build/build-flow-and-stream-events.py:15 · flow /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-build/build-flow-and-stream-events.py:5 → /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-build/build-flow-and-stream-events.py:15
response = requests.request("POST", url, headers=headers, json=payload)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #1c4c28a4ed779898 User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-build/override-flow-parameters.py:18 · flow /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-build/override-flow-parameters.py:5 → /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-build/override-flow-parameters.py:18
response = requests.request("POST", url, headers=headers, json=payload)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #782dda75d4573641 User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-build/set-start-and-stop-points.py:15 · flow /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-build/set-start-and-stop-points.py:5 → /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-build/set-start-and-stop-points.py:15
response = requests.request("POST", url, headers=headers, json=payload)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #c60c6631372b3c8e User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-files/delete-all-files-v2.py:12 · flow /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-files/delete-all-files-v2.py:5 → /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-files/delete-all-files-v2.py:12
response = requests.request("DELETE", url, headers=headers)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #76403ab16bb632a9 User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-files/delete-file-v1.py:14 · flow /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-files/delete-file-v1.py:6 → /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-files/delete-file-v1.py:14
response = requests.request("DELETE", url, headers=headers)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #71f68f1050bd0fee User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-files/delete-file-v2.py:12 · flow /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-files/delete-file-v2.py:5 → /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-files/delete-file-v2.py:12
response = requests.request("DELETE", url, headers=headers)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #e83ac345261e3bfe User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-files/download-file-v1.py:16 · flow /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-files/download-file-v1.py:7 → /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-files/download-file-v1.py:16
upload = requests.post(
    f"{base}/api/v1/files/upload/{flow_id}",
    headers=headers,
    files={"file": (upload_path.name, upload_path.read_bytes(), "text/plain")},
    timeout=30,
)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #2654849d56cdb74b User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-files/download-file-v1.py:26 · flow /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-files/download-file-v1.py:7 → /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-files/download-file-v1.py:26
download = requests.get(
    f"{base}/api/v1/files/download/{flow_id}/{file_name}",
    headers=headers,
    timeout=30,
)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #686c9910c046e40b User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-files/download-file-v2.py:15 · flow /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-files/download-file-v2.py:7 → /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-files/download-file-v2.py:15
upload = requests.post(
    f"{base}/api/v2/files",
    headers=headers,
    files={"file": (upload_path.name, upload_path.read_bytes(), "text/plain")},
    timeout=30,
)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #c1a8507e8dca814c User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-files/download-file-v2.py:24 · flow /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-files/download-file-v2.py:7 → /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-files/download-file-v2.py:24
download = requests.get(
    f"{base}/api/v2/files/{file_id}",
    headers=headers,
    timeout=30,
)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #5bddd89c58584e89 User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-files/edit-file-name-v2.py:16 · flow /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-files/edit-file-name-v2.py:8 → /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-files/edit-file-name-v2.py:16
upload = requests.post(
    f"{base}/api/v2/files",
    headers=headers,
    files={"file": (upload_path.name, upload_path.read_bytes(), "text/plain")},
    timeout=30,
)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #e6596ce467d1b5d3 User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-files/edit-file-name-v2.py:28 · flow /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-files/edit-file-name-v2.py:8 → /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-files/edit-file-name-v2.py:28
response = requests.put(url, headers=headers, timeout=30)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #f0c4be76650e5d60 User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-files/list-files-v1.py:12 · flow /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-files/list-files-v1.py:5 → /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-files/list-files-v1.py:12
response = requests.request("GET", url, headers=headers)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #f44d4f8d3efe04b1 User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-files/list-files-v2.py:12 · flow /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-files/list-files-v2.py:5 → /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-files/list-files-v2.py:12
response = requests.request("GET", url, headers=headers)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #869258873aebff08 User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-files/send-files-to-your-flows-v2-2.py:21 · flow /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-files/send-files-to-your-flows-v2-2.py:5 → /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-files/send-files-to-your-flows-v2-2.py:21
response = requests.request("POST", url, headers=headers, json=payload)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #a5c36ba61d5af203 User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-files/send-files-to-your-flows-v2.py:16 · flow /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-files/send-files-to-your-flows-v2.py:5 → /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-files/send-files-to-your-flows-v2.py:16
response = requests.request("POST", url, headers=headers, files=files)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #9430085b2049c404 User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-files/upload-file-v1.py:16 · flow /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-files/upload-file-v1.py:5 → /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-files/upload-file-v1.py:16
response = requests.request("POST", url, headers=headers, files=files)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #b3dc90e1d825fdac User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-files/upload-file-v2-2.py:16 · flow /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-files/upload-file-v2-2.py:5 → /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-files/upload-file-v2-2.py:16
response = requests.request("POST", url, headers=headers, files=files)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #0e1d1d30b4db6182 User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-files/upload-file-v2.py:12 · flow /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-files/upload-file-v2.py:5 → /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-files/upload-file-v2.py:12
response = requests.request("GET", url, headers=headers)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #d7b24f110022e16a User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-files/upload-image-files-v1-2.py:16 · flow /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-files/upload-image-files-v1-2.py:7 → /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-files/upload-image-files-v1-2.py:16
upload = requests.post(
    f"{base}/api/v1/files/upload/{flow_id}",
    headers=headers,
    files={"file": (image_path.name, image_path.read_bytes(), "image/png")},
    timeout=30,
)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #1894bdfefe71a8c5 User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-files/upload-image-files-v1-2.py:24 · flow /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-files/upload-image-files-v1-2.py:7 → /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-files/upload-image-files-v1-2.py:24
listed = requests.get(f"{base}/api/v1/files/list/{flow_id}", headers=headers, timeout=30)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #2ca4015d365bdc95 User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-files/upload-image-files-v1.py:15 · flow /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-files/upload-image-files-v1.py:5 → /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-files/upload-image-files-v1.py:15
response = requests.request("POST", url, headers=headers, files=files)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #b6985ae02dbb754e User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-flows-run/pass-global-variables-in-request-headers.py:22 · flow /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-flows-run/pass-global-variables-in-request-headers.py:5 → /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-flows-run/pass-global-variables-in-request-headers.py:22
response = requests.post(f"{base}/api/v1/run/{flow_id}", headers=headers, json=payload, timeout=60)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #5eac1996ed3386f5 User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-flows-run/request-example-with-all-headers-and-parameters.py:23 · flow /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-flows-run/request-example-with-all-headers-and-parameters.py:5 → /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-flows-run/request-example-with-all-headers-and-parameters.py:23
response = requests.post(
    f"{base}/api/v1/run/{flow_id}?stream=false",
    headers=headers,
    json=payload,
    timeout=60,
)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #44ab853e696774df User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-flows-run/run-flow.py:24 · flow /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-flows-run/run-flow.py:5 → /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-flows-run/run-flow.py:24
response = requests.post(url, headers=headers, json=payload, timeout=60)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #fac9e2f4782845e7 User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-flows-run/stream-llm-token-responses.py:15 · flow /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-flows-run/stream-llm-token-responses.py:5 → /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-flows-run/stream-llm-token-responses.py:15
response = requests.request("POST", url, headers=headers, json=payload)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #fd7efc5b9e9eb5f6 User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-flows-run/webhook-run-flow.py:16 · flow /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-flows-run/webhook-run-flow.py:5 → /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-flows-run/webhook-run-flow.py:16
response = requests.post(
    f"{base}/api/v1/webhook/{flow_id}",
    headers=headers,
    json=payload,
    timeout=60,
)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #4c4b5b76d78fa457 User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-flows/create-flow.py:27 · flow /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-flows/create-flow.py:5 → /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-flows/create-flow.py:27
response = requests.request("POST", url, headers=headers, json=payload)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #ab3e93bc12807a8c User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-flows/create-flows.py:26 · flow /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-flows/create-flows.py:6 → /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-flows/create-flows.py:26
response = requests.post(f"{base}/api/v1/flows/batch/", headers=headers, json=payload, timeout=30)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #aa271a35da1defa3 User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-flows/delete-flow.py:10 · flow /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-flows/delete-flow.py:5 → /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-flows/delete-flow.py:10
create = requests.post(
    f"{base}/api/v1/flows/",
    headers=headers,
    json={
        "name": "docs-example-delete-me",
        "description": "Temporary flow for delete-flow example",
        "data": {"nodes": [], "edges": []},
    },
    timeout=30,
)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #cad5b4720a257da3 User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-flows/delete-flow.py:23 · flow /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-flows/delete-flow.py:5 → /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-flows/delete-flow.py:23
delete = requests.delete(f"{base}/api/v1/flows/{flow_id}", headers=headers, timeout=30)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #c196ce770f897578 User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-flows/export-flows.py:17 · flow /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-flows/export-flows.py:5 → /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-flows/export-flows.py:17
extra = requests.post(
    f"{base}/api/v1/flows/",
    headers=headers,
    json={
        "name": "docs-export-temp-flow",
        "description": "Temporary second flow for export example",
        "data": {"nodes": [], "edges": []},
        **({"folder_id": folder_id} if folder_id else {}),
    },
    timeout=30,
)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #752c475c79e60757 User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-flows/export-flows.py:33 · flow /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-flows/export-flows.py:5 → /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-flows/export-flows.py:33
response = requests.post(f"{base}/api/v1/flows/download/", headers=headers, json=payload, timeout=60)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #2bad2dc4ca9771aa User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-flows/export-flows.py:40 · flow /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-flows/export-flows.py:5 → /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-flows/export-flows.py:40
requests.delete(f"{base}/api/v1/flows/{extra_id}", headers=headers, timeout=30)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #c90b7d51f547422e User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-flows/import-flows.py:16 · flow /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-flows/import-flows.py:5 → /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-flows/import-flows.py:16
response = requests.request("POST", url, headers=headers, files=files)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #7ffd489472eb7e1a User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-flows/read-flow.py:12 · flow /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-flows/read-flow.py:5 → /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-flows/read-flow.py:12
response = requests.request("GET", url, headers=headers)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #ed038670948926f7 User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-flows/read-flows-2.py:12 · flow /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-flows/read-flows-2.py:5 → /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-flows/read-flows-2.py:12
response = requests.request("GET", url, headers=headers)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #3cbef9be5686a060 User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-flows/read-flows.py:12 · flow /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-flows/read-flows.py:5 → /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-flows/read-flows.py:12
response = requests.request("GET", url, headers=headers)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #59320eb3cb8d54a7 User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-flows/read-sample-flows.py:12 · flow /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-flows/read-sample-flows.py:5 → /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-flows/read-sample-flows.py:12
response = requests.request("GET", url, headers=headers)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #506e1e9daa49f603 User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-flows/update-flow.py:18 · flow /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-flows/update-flow.py:6 → /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-flows/update-flow.py:18
response = requests.patch(f"{base}/api/v1/flows/{flow_id}", headers=headers, json=payload, timeout=30)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #92a4fa652f457d90 User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-logs/retrieve-logs-with-optional-parameters.py:12 · flow /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-logs/retrieve-logs-with-optional-parameters.py:5 → /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-logs/retrieve-logs-with-optional-parameters.py:12
response = requests.request("GET", url, headers=headers)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #d24622ead1046890 User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-logs/stream-logs.py:13 · flow /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-logs/stream-logs.py:5 → /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-logs/stream-logs.py:13
response = requests.get(url, headers=headers, stream=True, timeout=30)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #2eda1df0df6207db User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-monitor/delete-messages-by-session.py:12 · flow /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-monitor/delete-messages-by-session.py:5 → /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-monitor/delete-messages-by-session.py:12
response = requests.request("DELETE", url, headers=headers)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #d0818342236abfbf User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-monitor/delete-messages.py:12 · flow /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-monitor/delete-messages.py:6 → /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-monitor/delete-messages.py:12
list_resp = requests.get(
    f"{base}/api/v1/monitor/messages",
    headers=headers,
    params={"flow_id": flow_id},
    timeout=30,
)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #0f6632cf3a95c835 User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-monitor/delete-messages.py:27 · flow /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-monitor/delete-messages.py:6 → /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-monitor/delete-messages.py:27
response = requests.delete(f"{base}/api/v1/monitor/messages", headers=headers, params=params, timeout=30)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #6240543f1d924a8e User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-monitor/delete-vertex-builds.py:12 · flow /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-monitor/delete-vertex-builds.py:5 → /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-monitor/delete-vertex-builds.py:12
response = requests.request("DELETE", url, headers=headers)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #2b2222116d572804 User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-monitor/example-request.py:9 · flow /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-monitor/example-request.py:5 → /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-monitor/example-request.py:9
response = requests.get(
    f"{base_url}/api/v1/monitor/traces",
    params={"flow_id": flow_id, "page": 1, "size": 50},
    headers={"x-api-key": api_key, "accept": "application/json"},
    timeout=30,
)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #7fa3bf1487de2255 User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-monitor/get-messages-2.py:12 · flow /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-monitor/get-messages-2.py:5 → /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-monitor/get-messages-2.py:12
response = requests.request("GET", url, headers=headers)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #3cb9b40cb4b2eb6b User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-monitor/get-messages.py:12 · flow /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-monitor/get-messages.py:5 → /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-monitor/get-messages.py:12
response = requests.request("GET", url, headers=headers)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #1c80704e22563bf1 User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-monitor/get-transactions.py:12 · flow /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-monitor/get-transactions.py:5 → /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-monitor/get-transactions.py:12
response = requests.request("GET", url, headers=headers)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #4c82305f28c6a3ce User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-monitor/get-vertex-builds.py:12 · flow /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-monitor/get-vertex-builds.py:5 → /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-monitor/get-vertex-builds.py:12
response = requests.request("GET", url, headers=headers)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #19f7598e781a60aa User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-monitor/update-message.py:11 · flow /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-monitor/update-message.py:5 → /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-monitor/update-message.py:11
list_resp = requests.get(
    f"{base}/api/v1/monitor/messages",
    headers=headers,
    params={"flow_id": flow_id},
    timeout=30,
)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #c51bd3d4d2793bc5 User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-monitor/update-message.py:26 · flow /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-monitor/update-message.py:5 → /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-monitor/update-message.py:26
response = requests.put(
    f"{base}/api/v1/monitor/messages/{message_id}",
    headers=headers,
    json=payload,
    timeout=30,
)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #7fcef4ff8746d894 User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-monitor/update-session-id.py:11 · flow /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-monitor/update-session-id.py:5 → /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-monitor/update-session-id.py:11
list_resp = requests.get(
    f"{base}/api/v1/monitor/messages",
    headers=headers,
    params={"flow_id": flow_id},
    timeout=30,
)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #8092df4fe126a50e User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-monitor/update-session-id.py:26 · flow /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-monitor/update-session-id.py:5 → /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-monitor/update-session-id.py:26
response = requests.patch(
    f"{base}/api/v1/monitor/messages/session/{old_session_id}",
    headers=headers,
    params={"new_session_id": new_session_id},
    timeout=30,
)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #9b63ed01f4eeadf7 User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-openai-responses/continue-conversations-with-response-and-session-ids-2.py:26 · flow /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-openai-responses/continue-conversations-with-response-and-session-ids-2.py:9 → /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-openai-responses/continue-conversations-with-response-and-session-ids-2.py:26
response = requests.post(url, headers=headers, json=payload, timeout=120)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #9f1d1889ee92f1fb User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-openai-responses/continue-conversations-with-response-and-session-ids-3.py:25 · flow /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-openai-responses/continue-conversations-with-response-and-session-ids-3.py:8 → /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-openai-responses/continue-conversations-with-response-and-session-ids-3.py:25
response = requests.post(url, headers=headers, json=payload, timeout=120)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #04406014b36c7ad3 User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-openai-responses/continue-conversations-with-response-and-session-ids.py:22 · flow /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-openai-responses/continue-conversations-with-response-and-session-ids.py:5 → /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-openai-responses/continue-conversations-with-response-and-session-ids.py:22
response = requests.post(url, headers=headers, json=payload, timeout=120)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #f7cf3f7998207481 User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-openai-responses/example-request.py:14 · flow /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-openai-responses/example-request.py:5 → /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-openai-responses/example-request.py:14
response = requests.request("POST", url, headers=headers, json=payload)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #befd9fa050d19322 User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-openai-responses/example-streaming-request.py:14 · flow /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-openai-responses/example-streaming-request.py:5 → /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-openai-responses/example-streaming-request.py:14
response = requests.request("POST", url, headers=headers, json=payload)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #ddd90bf754e72e46 User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-openai-responses/pass-global-variables-to-your-flows-in-headers.py:17 · flow /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-openai-responses/pass-global-variables-to-your-flows-in-headers.py:5 → /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-openai-responses/pass-global-variables-to-your-flows-in-headers.py:17
response = requests.request("POST", url, headers=headers, json=payload)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #1652e4e7ef50fd91 User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-openai-responses/retrieve-tool-call-results.py:23 · flow /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-openai-responses/retrieve-tool-call-results.py:5 → /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-openai-responses/retrieve-tool-call-results.py:23
response = requests.post(url, headers=headers, json=payload, timeout=120)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #4f5ae19e12ac48b8 User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-openai-responses/token-usage-tracking.py:14 · flow /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-openai-responses/token-usage-tracking.py:5 → /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-openai-responses/token-usage-tracking.py:14
response = requests.request("POST", url, headers=headers, json=payload)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #9991ffa068f4dd1f User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-projects/create-project-2.py:20 · flow /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-projects/create-project-2.py:5 → /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-projects/create-project-2.py:20
response = requests.request("POST", url, headers=headers, json=payload)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #d4d9c69669d600f9 User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-projects/create-project.py:14 · flow /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-projects/create-project.py:5 → /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-projects/create-project.py:14
response = requests.request("POST", url, headers=headers, json=payload)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #f4cea1de39db612e User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-projects/delete-project.py:10 · flow /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-projects/delete-project.py:5 → /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-projects/delete-project.py:10
create = requests.post(
    f"{base}/api/v1/projects/",
    headers=headers,
    json={
        "name": "docs-example-delete-me",
        "description": "Temporary project",
        "components_list": [],
        "flows_list": [],
    },
    timeout=30,
)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #13e2056568ba462a User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-projects/delete-project.py:24 · flow /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-projects/delete-project.py:5 → /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-projects/delete-project.py:24
delete = requests.delete(f"{base}/api/v1/projects/{project_id}", headers=headers, timeout=30)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #15c0f08cbcb7f8a5 User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-projects/export-a-project.py:12 · flow /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-projects/export-a-project.py:5 → /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-projects/export-a-project.py:12
response = requests.request("GET", url, headers=headers)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #a5710aaa0fc8e788 User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-projects/import-a-project.py:16 · flow /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-projects/import-a-project.py:6 → /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-projects/import-a-project.py:16
response = requests.post(f"{base}/api/v1/projects/upload/", headers=headers, files=files, timeout=60)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #91635144fc13701e User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-projects/read-project.py:12 · flow /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-projects/read-project.py:5 → /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-projects/read-project.py:12
response = requests.request("GET", url, headers=headers)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #9649e3cca1e3489f User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-projects/read-projects.py:12 · flow /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-projects/read-projects.py:5 → /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-projects/read-projects.py:12
response = requests.request("GET", url, headers=headers)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #a109d35d8c7cc0b5 User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-projects/update-project.py:17 · flow /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-projects/update-project.py:6 → /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-projects/update-project.py:17
response = requests.patch(f"{base}/api/v1/projects/{project_id}", headers=headers, json=payload, timeout=30)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #77ef18d7c13bb7f6 User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-reference-api-examples/form-langflow-api-requests.py:22 · flow /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-reference-api-examples/form-langflow-api-requests.py:5 → /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-reference-api-examples/form-langflow-api-requests.py:22
response = requests.post(url, headers=headers, json=payload, timeout=60)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #c9d026d2a1adaa61 User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-reference-api-examples/get-all-components.py:12 · flow /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-reference-api-examples/get-all-components.py:5 → /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-reference-api-examples/get-all-components.py:12
response = requests.request("GET", url, headers=headers)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #5a132b7d079cc6b9 User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-reference-api-examples/get-configuration.py:12 · flow /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-reference-api-examples/get-configuration.py:5 → /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-reference-api-examples/get-configuration.py:12
response = requests.request("GET", url, headers=headers)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #0259fe68f8fec1bb User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-reference-api-examples/get-version.py:11 · flow /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-reference-api-examples/get-version.py:5 → /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-reference-api-examples/get-version.py:11
response = requests.request("GET", url, headers=headers)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #ebf9c72a4277d2ce User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-reference-api-examples/health-check.py:11 · flow /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-reference-api-examples/health-check.py:5 → /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-reference-api-examples/health-check.py:11
response = requests.request("GET", url, headers=headers)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #494d9ed4cfe9d7b0 User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-users/add-user.py:16 · flow /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-users/add-user.py:6 → /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-users/add-user.py:16
response = requests.post(f"{base}/api/v1/users/", headers=headers, json=payload, timeout=30)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #16643df9f84a082f User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-users/delete-user.py:11 · flow /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-users/delete-user.py:6 → /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-users/delete-user.py:11
create = requests.post(
    f"{base}/api/v1/users/",
    headers=headers,
    json={"username": f"docsdel_{uuid.uuid4().hex[:12]}", "password": "securepassword123"},
    timeout=30,
)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #1e8760a5ca3fe727 User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-users/delete-user.py:20 · flow /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-users/delete-user.py:6 → /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-users/delete-user.py:20
delete = requests.delete(f"{base}/api/v1/users/{user_id}", headers=headers, timeout=30)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #68dfb2097baaf3b0 User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-users/get-current-user.py:12 · flow /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-users/get-current-user.py:5 → /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-users/get-current-user.py:12
response = requests.request("GET", url, headers=headers)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #2c6e12c1cd29904e User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-users/list-all-users.py:12 · flow /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-users/list-all-users.py:5 → /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-users/list-all-users.py:12
response = requests.request("GET", url, headers=headers)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #d7ce8bdb6772a534 User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-users/reset-password.py:10 · flow /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-users/reset-password.py:5 → /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-users/reset-password.py:10
who = requests.get(f"{base}/api/v1/users/whoami", headers=headers, timeout=30)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #b8cdc1b2e20dc0f5 User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-users/reset-password.py:17 · flow /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-users/reset-password.py:5 → /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-users/reset-password.py:17
response = requests.patch(
    f"{base}/api/v1/users/{user_id}/reset-password",
    headers=headers,
    json=payload,
    timeout=30,
)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #9493795708ad1ea8 User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-users/update-user.py:10 · flow /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-users/update-user.py:5 → /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-users/update-user.py:10
who = requests.get(f"{base}/api/v1/users/whoami", headers=headers, timeout=30)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #d4c405f681a8ed2e User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-users/update-user.py:16 · flow /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-users/update-user.py:5 → /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-users/update-user.py:16
response = requests.patch(f"{base}/api/v1/users/{user_id}", headers=headers, json=payload, timeout=30)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #84485d5ccf54ee33 User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/workflows-api/example-asynchronous-request.py:18 · flow /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/workflows-api/example-asynchronous-request.py:5 → /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/workflows-api/example-asynchronous-request.py:18
response = requests.post(f"{base}/api/v2/workflows", headers=headers, json=payload, timeout=60)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #5a15475e317e0fbc User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/workflows-api/example-request-2.py:11 · flow /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/workflows-api/example-request-2.py:5 → /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/workflows-api/example-request-2.py:11
start = requests.post(
    f"{base}/api/v2/workflows",
    headers=headers,
    json={"flow_id": flow_id, "background": True, "stream": False, "inputs": {}},
    timeout=60,
)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #f3a166aa7ef8941c User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/workflows-api/example-request-2.py:20 · flow /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/workflows-api/example-request-2.py:5 → /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/workflows-api/example-request-2.py:20
stop = requests.post(
    f"{base}/api/v2/workflows/stop",
    headers=headers,
    json={"job_id": job_id},
    timeout=60,
)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #e3331d8bbfe5ad81 User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/workflows-api/example-request.py:11 · flow /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/workflows-api/example-request.py:5 → /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/workflows-api/example-request.py:11
start = requests.post(
    f"{base}/api/v2/workflows",
    headers=headers,
    json={"flow_id": flow_id, "background": True, "stream": False, "inputs": {}},
    timeout=60,
)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #5769b13ecc573c51 User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/workflows-api/example-synchronous-request.py:18 · flow /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/workflows-api/example-synchronous-request.py:5 → /tmp/closeopen-uhn6nk5u/repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/workflows-api/example-synchronous-request.py:18
response = requests.post(f"{base}/api/v2/workflows", headers=headers, json=payload, timeout=120)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #683a4af73db95ea9 User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/scripts/e2e_deployment_tests/watsonx_orchestrate/api.py:260 · flow /tmp/closeopen-uhn6nk5u/repo/scripts/e2e_deployment_tests/watsonx_orchestrate/api.py:265 → /tmp/closeopen-uhn6nk5u/repo/scripts/e2e_deployment_tests/watsonx_orchestrate/api.py:260
        self._client = httpx.AsyncClient(
            base_url=self.base_url,
            timeout=httpx.Timeout(self.timeout_secs),
            verify=self.verify_tls,
            headers={
                "x-api-key": self.api_key,
                "Content-Type": "application/json",
            },
        )

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #2eadbe7d6e782d1b User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/scripts/gp/check_backend_status.py:32 · flow /tmp/closeopen-uhn6nk5u/repo/scripts/gp/check_backend_status.py:25 → /tmp/closeopen-uhn6nk5u/repo/scripts/gp/check_backend_status.py:32
    response = requests.get(
        url,
        headers=get_headers(url, "GET"),
        verify=False,  # noqa: S501
        timeout=REQUEST_TIMEOUT,
    )

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #e790451de445386c User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/scripts/gp/check_backend_status.py:54 · flow /tmp/closeopen-uhn6nk5u/repo/scripts/gp/check_backend_status.py:25 → /tmp/closeopen-uhn6nk5u/repo/scripts/gp/check_backend_status.py:54
            response = requests.get(
                url,
                headers=get_headers(url, "GET"),
                verify=False,  # noqa: S501  # Why: IBM GP's TLS cert has historically caused verification failures in CI
                timeout=REQUEST_TIMEOUT,
            )

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #7fa6113fdfdb3a58 User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/scripts/gp/download.py:27 · flow /tmp/closeopen-uhn6nk5u/repo/scripts/gp/download.py:21 → /tmp/closeopen-uhn6nk5u/repo/scripts/gp/download.py:27
    response = requests.get(
        url,
        headers=get_headers(url, "GET"),
        verify=False,  # noqa: S501
        timeout=REQUEST_TIMEOUT,
    )

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #baa7a83f96222e11 User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/scripts/gp/gp_client.py:61 · flow /tmp/closeopen-uhn6nk5u/repo/scripts/gp/gp_client.py:21 → /tmp/closeopen-uhn6nk5u/repo/scripts/gp/gp_client.py:61
    response = requests.get(url, headers=get_headers(url, "GET"), verify=VERIFY_SSL, timeout=REQUEST_TIMEOUT)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #1a612dd0cf77e85b User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/scripts/gp/gp_client.py:70 · flow /tmp/closeopen-uhn6nk5u/repo/scripts/gp/gp_client.py:21 → /tmp/closeopen-uhn6nk5u/repo/scripts/gp/gp_client.py:70
    response = requests.put(
        url,
        headers=get_headers(url, "PUT", body),
        json=body,
        verify=VERIFY_SSL,
        timeout=REQUEST_TIMEOUT,
    )

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #bf78e78be8e459e1 User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/scripts/gp/gp_client.py:84 · flow /tmp/closeopen-uhn6nk5u/repo/scripts/gp/gp_client.py:21 → /tmp/closeopen-uhn6nk5u/repo/scripts/gp/gp_client.py:84
    response = requests.put(
        url,
        headers=get_headers(url, "PUT", strings),
        json=strings,
        verify=VERIFY_SSL,
        timeout=REQUEST_TIMEOUT,
    )

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #6955ff56f863082e User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/scripts/gp/gp_client.py:98 · flow /tmp/closeopen-uhn6nk5u/repo/scripts/gp/gp_client.py:21 → /tmp/closeopen-uhn6nk5u/repo/scripts/gp/gp_client.py:98
    response = requests.get(url, headers=get_headers(url, "GET"), verify=VERIFY_SSL, timeout=REQUEST_TIMEOUT)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #d03ac07edd38d022 User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/scripts/gp/upload.py:40 · flow /tmp/closeopen-uhn6nk5u/repo/scripts/gp/upload.py:28 → /tmp/closeopen-uhn6nk5u/repo/scripts/gp/upload.py:40
    response = requests.put(
        url,
        headers=get_headers(url, "PUT", strings),
        json=strings,
        verify=False,  # noqa: S501
        timeout=BACKEND_REQUEST_TIMEOUT,
    )

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #ba7e4331492024bf User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/scripts/gp/upload.py:53 · flow /tmp/closeopen-uhn6nk5u/repo/scripts/gp/upload.py:28 → /tmp/closeopen-uhn6nk5u/repo/scripts/gp/upload.py:53
    response = requests.put(
        url,
        headers=get_headers(url, "PUT", body),
        json=body,
        verify=False,  # noqa: S501
        timeout=BACKEND_REQUEST_TIMEOUT,
    )

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

expand_more 702 low-confidence finding(s)
low env_fs production #1ce69a457f23e0c8 Environment-variable access.
repo/docs/docs/API-Reference/python-examples/api-build/build-flow-and-stream-events-2.py:5
url = f"{os.getenv('LANGFLOW_URL', '')}/api/v1/build/{os.getenv('JOB_ID', '')}/events"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #d9eb1b342a5d23f1 Environment-variable access.
repo/docs/docs/API-Reference/python-examples/api-build/build-flow-and-stream-events-2.py:9
    "x-api-key": f"{os.getenv('LANGFLOW_API_KEY', '')}",

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #61066612944841bb Environment-variable access.
repo/docs/docs/API-Reference/python-examples/api-build/build-flow-and-stream-events-3.py:5
base = os.environ.get("LANGFLOW_URL") or os.environ.get("LANGFLOW_SERVER_URL", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #38092af8ec9edb4a Environment-variable access.
repo/docs/docs/API-Reference/python-examples/api-build/build-flow-and-stream-events-3.py:6
job_id = os.environ.get("JOB_ID", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #31259516cab891e2 Environment-variable access.
repo/docs/docs/API-Reference/python-examples/api-build/build-flow-and-stream-events-3.py:7
api_key = os.environ.get("LANGFLOW_API_KEY", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #bc7545d78334d19d Environment-variable access.
repo/docs/docs/API-Reference/python-examples/api-build/build-flow-and-stream-events.py:5
url = f"{os.getenv('LANGFLOW_URL', '')}/api/v1/build/{os.getenv('FLOW_ID', '')}/flow"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #42207565dd46c767 Environment-variable access.
repo/docs/docs/API-Reference/python-examples/api-build/build-flow-and-stream-events.py:10
    "x-api-key": f"{os.getenv('LANGFLOW_API_KEY', '')}",

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #880cdf80e877e0e9 Environment-variable access.
repo/docs/docs/API-Reference/python-examples/api-build/override-flow-parameters.py:5
url = f"{os.getenv('LANGFLOW_URL', '')}/api/v1/build/{os.getenv('FLOW_ID', '')}/flow"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #6c1d43b5e8fdf958 Environment-variable access.
repo/docs/docs/API-Reference/python-examples/api-build/override-flow-parameters.py:10
    "x-api-key": f"{os.getenv('LANGFLOW_API_KEY', '')}",

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #56af335a2b84ff2c Environment-variable access.
repo/docs/docs/API-Reference/python-examples/api-build/set-start-and-stop-points.py:5
url = f"{os.getenv('LANGFLOW_URL', '')}/api/v1/build/{os.getenv('FLOW_ID', '')}/flow"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #cb6a09d29fe9c669 Environment-variable access.
repo/docs/docs/API-Reference/python-examples/api-build/set-start-and-stop-points.py:10
    "x-api-key": f"{os.getenv('LANGFLOW_API_KEY', '')}",

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #c70294ef7e39f987 Environment-variable access.
repo/docs/docs/API-Reference/python-examples/api-files/delete-all-files-v2.py:5
url = f"{os.getenv('LANGFLOW_URL', '')}/api/v2/files"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #244c2754ec557dda Environment-variable access.
repo/docs/docs/API-Reference/python-examples/api-files/delete-all-files-v2.py:9
    "x-api-key": f"{os.getenv('LANGFLOW_API_KEY', '')}",

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #49d90e182a7a35bf Environment-variable access.
repo/docs/docs/API-Reference/python-examples/api-files/delete-file-v1.py:6
    f"{os.getenv('LANGFLOW_URL', '')}/api/v1/files/delete/{os.getenv('FLOW_ID', '')}/2024-12-30_15-19-43_your_file.txt"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #059cec2326456363 Environment-variable access.
repo/docs/docs/API-Reference/python-examples/api-files/delete-file-v1.py:11
    "x-api-key": f"{os.getenv('LANGFLOW_API_KEY', '')}",

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #9e65b8381e6e4721 Environment-variable access.
repo/docs/docs/API-Reference/python-examples/api-files/delete-file-v2.py:5
url = f"{os.getenv('LANGFLOW_URL', '')}/api/v2/files/{os.getenv('FILE_ID', '')}"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #8f132b3b4741adc4 Environment-variable access.
repo/docs/docs/API-Reference/python-examples/api-files/delete-file-v2.py:9
    "x-api-key": f"{os.getenv('LANGFLOW_API_KEY', '')}",

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #6c6ef2ebefb62502 Environment-variable access.
repo/docs/docs/API-Reference/python-examples/api-files/download-file-v1.py:7
base = os.environ.get("LANGFLOW_URL", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #11a6b8eab3777d71 Environment-variable access.
repo/docs/docs/API-Reference/python-examples/api-files/download-file-v1.py:8
flow_id = os.environ.get("FLOW_ID", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #95314746a325879a Environment-variable access.
repo/docs/docs/API-Reference/python-examples/api-files/download-file-v1.py:9
api_key = os.environ.get("LANGFLOW_API_KEY", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #48944382cd7039e4 Environment-variable access.
repo/docs/docs/API-Reference/python-examples/api-files/download-file-v1.py:12
upload_path = Path(os.environ.get("SAMPLE_UPLOAD_FILE", str(fixtures / "sample-upload.txt")))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #7dfb5c04a7982d77 Filesystem access.
repo/docs/docs/API-Reference/python-examples/api-files/download-file-v1.py:19
    files={"file": (upload_path.name, upload_path.read_bytes(), "text/plain")},

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #10a9f3a020491a86 Environment-variable access.
repo/docs/docs/API-Reference/python-examples/api-files/download-file-v2.py:7
base = os.environ.get("LANGFLOW_URL", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #ce2075e3d91cc48c Environment-variable access.
repo/docs/docs/API-Reference/python-examples/api-files/download-file-v2.py:8
api_key = os.environ.get("LANGFLOW_API_KEY", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #7f988b347648212f Environment-variable access.
repo/docs/docs/API-Reference/python-examples/api-files/download-file-v2.py:11
upload_path = Path(os.environ.get("SAMPLE_UPLOAD_FILE", str(fixtures / "sample-upload.txt")))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #f288a0538cc01dac Filesystem access.
repo/docs/docs/API-Reference/python-examples/api-files/download-file-v2.py:18
    files={"file": (upload_path.name, upload_path.read_bytes(), "text/plain")},

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #1436af5e37af8876 Environment-variable access.
repo/docs/docs/API-Reference/python-examples/api-files/edit-file-name-v2.py:8
base = os.environ.get("LANGFLOW_URL", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #f2f2a76acb0a9e23 Environment-variable access.
repo/docs/docs/API-Reference/python-examples/api-files/edit-file-name-v2.py:9
api_key = os.environ.get("LANGFLOW_API_KEY", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #5de7f23fa00ccdf1 Environment-variable access.
repo/docs/docs/API-Reference/python-examples/api-files/edit-file-name-v2.py:12
upload_path = Path(os.environ.get("SAMPLE_UPLOAD_FILE", str(fixtures / "sample-upload.txt")))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #9806aeddea89d6ba Filesystem access.
repo/docs/docs/API-Reference/python-examples/api-files/edit-file-name-v2.py:19
    files={"file": (upload_path.name, upload_path.read_bytes(), "text/plain")},

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #deff887a20cf651d Environment-variable access.
repo/docs/docs/API-Reference/python-examples/api-files/edit-file-name-v2.py:25
new_name = os.environ.get("RENAMED_FILE_BASENAME", "renamed-sample-upload")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #b2f0a7411449a855 Environment-variable access.
repo/docs/docs/API-Reference/python-examples/api-files/list-files-v1.py:5
url = f"{os.getenv('LANGFLOW_URL', '')}/api/v1/files/list/{os.getenv('FLOW_ID', '')}"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #e7cbac689d178879 Environment-variable access.
repo/docs/docs/API-Reference/python-examples/api-files/list-files-v1.py:9
    "x-api-key": f"{os.getenv('LANGFLOW_API_KEY', '')}",

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #f6eacc5c532988aa Environment-variable access.
repo/docs/docs/API-Reference/python-examples/api-files/list-files-v2.py:5
url = f"{os.getenv('LANGFLOW_URL', '')}/api/v2/files"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #553fe6f6180ccf40 Environment-variable access.
repo/docs/docs/API-Reference/python-examples/api-files/list-files-v2.py:9
    "x-api-key": f"{os.getenv('LANGFLOW_API_KEY', '')}",

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #8c968149548bc117 Environment-variable access.
repo/docs/docs/API-Reference/python-examples/api-files/send-files-to-your-flows-v2-2.py:5
url = f"{os.getenv('LANGFLOW_URL', '')}/api/v1/run/{os.getenv('FLOW_ID', '')}"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #0f7fec8a79282720 Environment-variable access.
repo/docs/docs/API-Reference/python-examples/api-files/send-files-to-your-flows-v2-2.py:9
    "x-api-key": f"{os.getenv('LANGFLOW_API_KEY', '')}",

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #7fa831d72a5036d7 Environment-variable access.
repo/docs/docs/API-Reference/python-examples/api-files/send-files-to-your-flows-v2.py:5
url = f"{os.getenv('LANGFLOW_URL', '')}/api/v2/files"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #e439c52984dc872a Environment-variable access.
repo/docs/docs/API-Reference/python-examples/api-files/send-files-to-your-flows-v2.py:9
    "x-api-key": f"{os.getenv('LANGFLOW_API_KEY', '')}",

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #e26b8269c51cd65d Filesystem access.
repo/docs/docs/API-Reference/python-examples/api-files/send-files-to-your-flows-v2.py:13
    "file": open(os.getenv("SAMPLE_UPLOAD_FILE", "docs/docs/API-Reference/fixtures/sample-upload.txt"), "rb"),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #efcc6b81e1fe57d4 Environment-variable access.
repo/docs/docs/API-Reference/python-examples/api-files/send-files-to-your-flows-v2.py:13
    "file": open(os.getenv("SAMPLE_UPLOAD_FILE", "docs/docs/API-Reference/fixtures/sample-upload.txt"), "rb"),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #2d084382e2f2c153 Environment-variable access.
repo/docs/docs/API-Reference/python-examples/api-files/upload-file-v1.py:5
url = f"{os.getenv('LANGFLOW_URL', '')}/api/v1/files/upload/{os.getenv('FLOW_ID', '')}"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #d861ea8bd97b1e69 Environment-variable access.
repo/docs/docs/API-Reference/python-examples/api-files/upload-file-v1.py:9
    "x-api-key": f"{os.getenv('LANGFLOW_API_KEY', '')}",

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #f2513c23907075a6 Filesystem access.
repo/docs/docs/API-Reference/python-examples/api-files/upload-file-v1.py:13
    "file": open(os.getenv("SAMPLE_UPLOAD_FILE", "docs/docs/API-Reference/fixtures/sample-upload.txt"), "rb"),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #66e1d15862b98e1a Environment-variable access.
repo/docs/docs/API-Reference/python-examples/api-files/upload-file-v1.py:13
    "file": open(os.getenv("SAMPLE_UPLOAD_FILE", "docs/docs/API-Reference/fixtures/sample-upload.txt"), "rb"),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #2b87149ee8277f99 Environment-variable access.
repo/docs/docs/API-Reference/python-examples/api-files/upload-file-v2-2.py:5
url = f"{os.getenv('LANGFLOW_URL', '')}/api/v2/files"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #4f2388aad7443493 Environment-variable access.
repo/docs/docs/API-Reference/python-examples/api-files/upload-file-v2-2.py:9
    "x-api-key": f"{os.getenv('LANGFLOW_API_KEY', '')}",

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #3e40ebdd1b0982f0 Filesystem access.
repo/docs/docs/API-Reference/python-examples/api-files/upload-file-v2-2.py:13
    "file": open(os.getenv("SAMPLE_UPLOAD_FILE", "docs/docs/API-Reference/fixtures/sample-upload.txt"), "rb"),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #feb7f637b254d379 Environment-variable access.
repo/docs/docs/API-Reference/python-examples/api-files/upload-file-v2-2.py:13
    "file": open(os.getenv("SAMPLE_UPLOAD_FILE", "docs/docs/API-Reference/fixtures/sample-upload.txt"), "rb"),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #7551b5461c855e8f Environment-variable access.
repo/docs/docs/API-Reference/python-examples/api-files/upload-file-v2.py:5
url = f"{os.getenv('LANGFLOW_URL', '')}/api/v1/users/whoami"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #ae123f14a2adcef3 Environment-variable access.
repo/docs/docs/API-Reference/python-examples/api-files/upload-file-v2.py:9
    "x-api-key": f"{os.getenv('LANGFLOW_API_KEY', '')}",

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #fb0080da19c34d32 Environment-variable access.
repo/docs/docs/API-Reference/python-examples/api-files/upload-image-files-v1-2.py:7
base = os.environ.get("LANGFLOW_URL", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #700cb6e6d3808892 Environment-variable access.
repo/docs/docs/API-Reference/python-examples/api-files/upload-image-files-v1-2.py:8
flow_id = os.environ.get("FLOW_ID", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #676adc8af671202a Environment-variable access.
repo/docs/docs/API-Reference/python-examples/api-files/upload-image-files-v1-2.py:9
api_key = os.environ.get("LANGFLOW_API_KEY", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #e59823083a72c3bb Environment-variable access.
repo/docs/docs/API-Reference/python-examples/api-files/upload-image-files-v1-2.py:12
image_path = Path(os.environ.get("SAMPLE_IMAGE_FILE", str(fixtures / "sample-upload.png")))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #6fe6a29c36587de1 Filesystem access.
repo/docs/docs/API-Reference/python-examples/api-files/upload-image-files-v1-2.py:19
    files={"file": (image_path.name, image_path.read_bytes(), "image/png")},

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #76cc6d17510958d5 Environment-variable access.
repo/docs/docs/API-Reference/python-examples/api-files/upload-image-files-v1.py:5
url = f"{os.getenv('LANGFLOW_URL', '')}/api/v1/files/upload/{os.getenv('FLOW_ID', '')}"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #390dcd8d16763a6a Environment-variable access.
repo/docs/docs/API-Reference/python-examples/api-files/upload-image-files-v1.py:8
    "x-api-key": f"{os.getenv('LANGFLOW_API_KEY', '')}",

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #f75bc02c9a942b4f Filesystem access.
repo/docs/docs/API-Reference/python-examples/api-files/upload-image-files-v1.py:12
    "file": open(os.getenv("SAMPLE_IMAGE_FILE", "docs/docs/API-Reference/fixtures/sample-upload.png"), "rb"),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #c6ddd02d9993764a Environment-variable access.
repo/docs/docs/API-Reference/python-examples/api-files/upload-image-files-v1.py:12
    "file": open(os.getenv("SAMPLE_IMAGE_FILE", "docs/docs/API-Reference/fixtures/sample-upload.png"), "rb"),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #3bd0baa1d77f5107 Environment-variable access.
repo/docs/docs/API-Reference/python-examples/api-flows-run/pass-global-variables-in-request-headers.py:5
base = os.environ.get("LANGFLOW_URL") or os.environ.get("LANGFLOW_SERVER_URL", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #2982f17c76fcb2e5 Environment-variable access.
repo/docs/docs/API-Reference/python-examples/api-flows-run/pass-global-variables-in-request-headers.py:6
flow_id = os.environ.get("FLOW_ID", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #37064408142f6235 Environment-variable access.
repo/docs/docs/API-Reference/python-examples/api-flows-run/pass-global-variables-in-request-headers.py:7
api_key = os.environ.get("LANGFLOW_API_KEY", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #ecc570a2f734af89 Environment-variable access.
repo/docs/docs/API-Reference/python-examples/api-flows-run/request-example-with-all-headers-and-parameters.py:5
base = os.environ.get("LANGFLOW_URL") or os.environ.get("LANGFLOW_SERVER_URL", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #7e828428d499887c Environment-variable access.
repo/docs/docs/API-Reference/python-examples/api-flows-run/request-example-with-all-headers-and-parameters.py:6
flow_id = os.environ.get("FLOW_ID", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #93a2a296e7dd4a06 Environment-variable access.
repo/docs/docs/API-Reference/python-examples/api-flows-run/request-example-with-all-headers-and-parameters.py:7
api_key = os.environ.get("LANGFLOW_API_KEY", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #d5a46d6f8ba4179e Environment-variable access.
repo/docs/docs/API-Reference/python-examples/api-flows-run/run-flow.py:5
base = os.environ.get("LANGFLOW_URL") or os.environ.get("LANGFLOW_SERVER_URL", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #8c464d024b42b5aa Environment-variable access.
repo/docs/docs/API-Reference/python-examples/api-flows-run/run-flow.py:6
flow_id = os.environ.get("FLOW_ID", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #d8717636e8130d4f Environment-variable access.
repo/docs/docs/API-Reference/python-examples/api-flows-run/run-flow.py:7
api_key = os.environ.get("LANGFLOW_API_KEY", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #ae4ff8eb7d0443b1 Environment-variable access.
repo/docs/docs/API-Reference/python-examples/api-flows-run/stream-llm-token-responses.py:5
url = f"{os.getenv('LANGFLOW_SERVER_URL', '')}/api/v1/run/{os.getenv('FLOW_ID', '')}?stream=true"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #5428c4bb6bda7da3 Environment-variable access.
repo/docs/docs/API-Reference/python-examples/api-flows-run/stream-llm-token-responses.py:10
    "x-api-key": f"{os.getenv('LANGFLOW_API_KEY', '')}",

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #32813d7277aaada2 Environment-variable access.
repo/docs/docs/API-Reference/python-examples/api-flows-run/webhook-run-flow.py:5
base = os.environ.get("LANGFLOW_URL") or os.environ.get("LANGFLOW_SERVER_URL", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #86713bf1dea09b4b Environment-variable access.
repo/docs/docs/API-Reference/python-examples/api-flows-run/webhook-run-flow.py:6
flow_id = os.environ.get("FLOW_ID", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #58f9608688621fe6 Environment-variable access.
repo/docs/docs/API-Reference/python-examples/api-flows-run/webhook-run-flow.py:7
api_key = os.environ.get("LANGFLOW_API_KEY", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #82d5293aa7f52b57 Environment-variable access.
repo/docs/docs/API-Reference/python-examples/api-flows/create-flow.py:5
url = f"{os.getenv('LANGFLOW_URL', '')}/api/v1/flows/"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #c2bc209e5670c5a3 Environment-variable access.
repo/docs/docs/API-Reference/python-examples/api-flows/create-flow.py:10
    "x-api-key": f"{os.getenv('LANGFLOW_API_KEY', '')}",

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #40804126b8a7339b Environment-variable access.
repo/docs/docs/API-Reference/python-examples/api-flows/create-flows.py:6
base = os.environ.get("LANGFLOW_URL", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #e4337db6fe788584 Environment-variable access.
repo/docs/docs/API-Reference/python-examples/api-flows/create-flows.py:7
api_key = os.environ.get("LANGFLOW_API_KEY", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #6b7284bb08898aef Environment-variable access.
repo/docs/docs/API-Reference/python-examples/api-flows/create-flows.py:8
folder_id = (os.environ.get("PROJECT_ID") or os.environ.get("FOLDER_ID") or "").strip()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #9331b01e37fdfc3f Environment-variable access.
repo/docs/docs/API-Reference/python-examples/api-flows/delete-flow.py:5
base = os.environ.get("LANGFLOW_URL", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #32f26cd83a7a6ed8 Environment-variable access.
repo/docs/docs/API-Reference/python-examples/api-flows/delete-flow.py:6
api_key = os.environ.get("LANGFLOW_API_KEY", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #3c2f91b8eb9230b7 Environment-variable access.
repo/docs/docs/API-Reference/python-examples/api-flows/export-flows.py:5
base = os.environ.get("LANGFLOW_URL", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #f23d2da07bdc6d4f Environment-variable access.
repo/docs/docs/API-Reference/python-examples/api-flows/export-flows.py:6
api_key = os.environ.get("LANGFLOW_API_KEY", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #57afc29375e119b4 Environment-variable access.
repo/docs/docs/API-Reference/python-examples/api-flows/export-flows.py:7
flow_id = os.environ.get("FLOW_ID", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #d92b7e3b044292ff Environment-variable access.
repo/docs/docs/API-Reference/python-examples/api-flows/export-flows.py:8
folder_id = os.environ.get("PROJECT_ID") or os.environ.get("FOLDER_ID", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #dd9ba9fc6f79b48a Filesystem access.
repo/docs/docs/API-Reference/python-examples/api-flows/export-flows.py:36
with open("langflow-flows.zip", "wb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #646df84ade412642 Environment-variable access.
repo/docs/docs/API-Reference/python-examples/api-flows/import-flows.py:5
url = f"{os.getenv('LANGFLOW_URL', '')}/api/v1/flows/upload/?folder_id={os.getenv('FOLDER_ID', '')}"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #715573ff4531c80a Environment-variable access.
repo/docs/docs/API-Reference/python-examples/api-flows/import-flows.py:9
    "x-api-key": f"{os.getenv('LANGFLOW_API_KEY', '')}",

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #2a4582a3b505b814 Filesystem access.
repo/docs/docs/API-Reference/python-examples/api-flows/import-flows.py:13
    "file": open(os.getenv("FLOW_IMPORT_FILE", "docs/docs/API-Reference/fixtures/flow-import.json"), "rb"),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #c1b0bf8489cacbca Environment-variable access.
repo/docs/docs/API-Reference/python-examples/api-flows/import-flows.py:13
    "file": open(os.getenv("FLOW_IMPORT_FILE", "docs/docs/API-Reference/fixtures/flow-import.json"), "rb"),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #51dd48abcc7d4f42 Environment-variable access.
repo/docs/docs/API-Reference/python-examples/api-flows/read-flow.py:5
url = f"{os.getenv('LANGFLOW_URL', '')}/api/v1/flows/{os.getenv('FLOW_ID', '')}"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #b2d8b944cffd7648 Environment-variable access.
repo/docs/docs/API-Reference/python-examples/api-flows/read-flow.py:9
    "x-api-key": f"{os.getenv('LANGFLOW_API_KEY', '')}",

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #817e7eff3d5d6dbe Environment-variable access.
repo/docs/docs/API-Reference/python-examples/api-flows/read-flows-2.py:5
url = f"{os.getenv('LANGFLOW_URL', '')}/api/v1/flows/?remove_example_flows=true&components_only=false&get_all=false&project_id={os.getenv('PROJECT_ID', '')}&header_flows=false&page=1&size=1"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #5e6efca833cfd5c0 Environment-variable access.
repo/docs/docs/API-Reference/python-examples/api-flows/read-flows-2.py:9
    "x-api-key": f"{os.getenv('LANGFLOW_API_KEY', '')}",

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #a86ad792ba5b77d7 Environment-variable access.
repo/docs/docs/API-Reference/python-examples/api-flows/read-flows.py:5
url = f"{os.getenv('LANGFLOW_URL', '')}/api/v1/flows/?remove_example_flows=false&components_only=false&get_all=true&header_flows=false&page=1&size=50"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #a758b186c7719a02 Environment-variable access.
repo/docs/docs/API-Reference/python-examples/api-flows/read-flows.py:9
    "x-api-key": f"{os.getenv('LANGFLOW_API_KEY', '')}",

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #9ea532800686d271 Environment-variable access.
repo/docs/docs/API-Reference/python-examples/api-flows/read-sample-flows.py:5
url = f"{os.getenv('LANGFLOW_URL', '')}/api/v1/flows/basic_examples/"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #eef05172db29a062 Environment-variable access.
repo/docs/docs/API-Reference/python-examples/api-flows/read-sample-flows.py:9
    "x-api-key": f"{os.getenv('LANGFLOW_API_KEY', '')}",

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #0bcac9e3e5f876f9 Environment-variable access.
repo/docs/docs/API-Reference/python-examples/api-flows/update-flow.py:6
base = os.environ.get("LANGFLOW_URL") or os.environ.get("LANGFLOW_SERVER_URL", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #3182b07af355d351 Environment-variable access.
repo/docs/docs/API-Reference/python-examples/api-flows/update-flow.py:7
flow_id = os.environ.get("FLOW_ID", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #9a09bf2358cc78d5 Environment-variable access.
repo/docs/docs/API-Reference/python-examples/api-flows/update-flow.py:8
api_key = os.environ.get("LANGFLOW_API_KEY", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #a31863e3487c73db Environment-variable access.
repo/docs/docs/API-Reference/python-examples/api-logs/retrieve-logs-with-optional-parameters.py:5
url = f"{os.getenv('LANGFLOW_URL', '')}/logs?lines_before=0&lines_after=0&timestamp=0"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #3f21ac4f7139ac81 Environment-variable access.
repo/docs/docs/API-Reference/python-examples/api-logs/retrieve-logs-with-optional-parameters.py:9
    "x-api-key": f"{os.getenv('LANGFLOW_API_KEY', '')}",

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #c96fc6e28384aa1d Environment-variable access.
repo/docs/docs/API-Reference/python-examples/api-logs/stream-logs.py:5
base = os.environ.get("LANGFLOW_URL") or os.environ.get("LANGFLOW_SERVER_URL", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #ad30a7af80acbbfc Environment-variable access.
repo/docs/docs/API-Reference/python-examples/api-logs/stream-logs.py:6
api_key = os.environ.get("LANGFLOW_API_KEY", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #e084a8de9e764885 Environment-variable access.
repo/docs/docs/API-Reference/python-examples/api-monitor/delete-messages-by-session.py:5
url = f"{os.getenv('LANGFLOW_URL', '')}/api/v1/monitor/messages/session/different_session_id_2"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #0c20e04cf1331f08 Environment-variable access.
repo/docs/docs/API-Reference/python-examples/api-monitor/delete-messages-by-session.py:9
    "x-api-key": f"{os.getenv('LANGFLOW_API_KEY', '')}",

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #f1a1cf373620c5ff Environment-variable access.
repo/docs/docs/API-Reference/python-examples/api-monitor/delete-messages.py:6
base = os.environ.get("LANGFLOW_URL", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #e7d5625c1ffcb382 Environment-variable access.
repo/docs/docs/API-Reference/python-examples/api-monitor/delete-messages.py:7
api_key = os.environ.get("LANGFLOW_API_KEY", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #ca9677620d67624b Environment-variable access.
repo/docs/docs/API-Reference/python-examples/api-monitor/delete-messages.py:8
flow_id = os.environ.get("FLOW_ID", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #c7e12b58fe9e396d Environment-variable access.
repo/docs/docs/API-Reference/python-examples/api-monitor/delete-vertex-builds.py:5
url = f"{os.getenv('LANGFLOW_URL', '')}/api/v1/monitor/builds?flow_id={os.getenv('FLOW_ID', '')}"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #36e70a75f7b3b50b Environment-variable access.
repo/docs/docs/API-Reference/python-examples/api-monitor/delete-vertex-builds.py:9
    "x-api-key": f"{os.getenv('LANGFLOW_API_KEY', '')}",

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #8a4592cecded29bc Environment-variable access.
repo/docs/docs/API-Reference/python-examples/api-monitor/example-request.py:5
base_url = os.environ.get("LANGFLOW_URL") or os.environ.get("LANGFLOW_SERVER_URL", "http://127.0.0.1:7860")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #d2fc30489f6de9e1 Environment-variable access.
repo/docs/docs/API-Reference/python-examples/api-monitor/example-request.py:6
api_key = os.environ.get("LANGFLOW_API_KEY", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #84f34bc79e39468f Environment-variable access.
repo/docs/docs/API-Reference/python-examples/api-monitor/example-request.py:7
flow_id = os.environ.get("FLOW_ID", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #45ae86e090270940 Environment-variable access.
repo/docs/docs/API-Reference/python-examples/api-monitor/get-messages-2.py:5
url = f"{os.getenv('LANGFLOW_URL', '')}/api/v1/monitor/messages?flow_id={os.getenv('FLOW_ID', '')}&session_id=01ce083d-748b-4b8d-97b6-33adbb6a528a&sender=Machine&sender_name=AI&order_by=timestamp"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #e6b5a4fb1d2f3d14 Environment-variable access.
repo/docs/docs/API-Reference/python-examples/api-monitor/get-messages-2.py:9
    "x-api-key": f"{os.getenv('LANGFLOW_API_KEY', '')}",

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #0d32ec6c6b6ffd77 Environment-variable access.
repo/docs/docs/API-Reference/python-examples/api-monitor/get-messages.py:5
url = f"{os.getenv('LANGFLOW_URL', '')}/api/v1/monitor/messages"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #c53501ce190c5569 Environment-variable access.
repo/docs/docs/API-Reference/python-examples/api-monitor/get-messages.py:9
    "x-api-key": f"{os.getenv('LANGFLOW_API_KEY', '')}",

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #2f3b8f9c414bb59d Environment-variable access.
repo/docs/docs/API-Reference/python-examples/api-monitor/get-transactions.py:5
url = f"{os.getenv('LANGFLOW_URL', '')}/api/v1/monitor/transactions?flow_id={os.getenv('FLOW_ID', '')}&page=1&size=50"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #b9591709ebf180c8 Environment-variable access.
repo/docs/docs/API-Reference/python-examples/api-monitor/get-transactions.py:9
    "x-api-key": f"{os.getenv('LANGFLOW_API_KEY', '')}",

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #e1613a0e695f6c3a Environment-variable access.
repo/docs/docs/API-Reference/python-examples/api-monitor/get-vertex-builds.py:5
url = f"{os.getenv('LANGFLOW_URL', '')}/api/v1/monitor/builds?flow_id={os.getenv('FLOW_ID', '')}"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #97e96698d46b0bd5 Environment-variable access.
repo/docs/docs/API-Reference/python-examples/api-monitor/get-vertex-builds.py:9
    "x-api-key": f"{os.getenv('LANGFLOW_API_KEY', '')}",

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #cb08956293625d02 Environment-variable access.
repo/docs/docs/API-Reference/python-examples/api-monitor/update-message.py:5
base = os.environ.get("LANGFLOW_URL", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #be8bb27160dd3824 Environment-variable access.
repo/docs/docs/API-Reference/python-examples/api-monitor/update-message.py:6
api_key = os.environ.get("LANGFLOW_API_KEY", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #d05b8534a5801b02 Environment-variable access.
repo/docs/docs/API-Reference/python-examples/api-monitor/update-message.py:7
flow_id = os.environ.get("FLOW_ID", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #3226e577ebe14d86 Environment-variable access.
repo/docs/docs/API-Reference/python-examples/api-monitor/update-session-id.py:5
base = os.environ.get("LANGFLOW_URL", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #ba16d9efe1f7d2d6 Environment-variable access.
repo/docs/docs/API-Reference/python-examples/api-monitor/update-session-id.py:6
api_key = os.environ.get("LANGFLOW_API_KEY", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #fa9e28e417a30597 Environment-variable access.
repo/docs/docs/API-Reference/python-examples/api-monitor/update-session-id.py:7
flow_id = os.environ.get("FLOW_ID", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #7e50c1eaa1d7450f Environment-variable access.
repo/docs/docs/API-Reference/python-examples/api-openai-responses/additional-configuration-for-openai-client-libraries.py:5
base = (os.environ.get("LANGFLOW_URL") or os.environ.get("LANGFLOW_SERVER_URL", "")).rstrip("/")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #2d03e7739f1e9416 Environment-variable access.
repo/docs/docs/API-Reference/python-examples/api-openai-responses/additional-configuration-for-openai-client-libraries.py:6
api_key = os.environ.get("LANGFLOW_API_KEY", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #4dd9edd626b476da Environment-variable access.
repo/docs/docs/API-Reference/python-examples/api-openai-responses/additional-configuration-for-openai-client-libraries.py:7
flow_id = os.environ.get("FLOW_ID", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #e457c3efdd3a31aa Environment-variable access.
repo/docs/docs/API-Reference/python-examples/api-openai-responses/continue-conversations-with-response-and-session-ids-2.py:9
base = os.environ.get("LANGFLOW_URL") or os.environ.get("LANGFLOW_SERVER_URL", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #ad6c731c066dd8a9 Environment-variable access.
repo/docs/docs/API-Reference/python-examples/api-openai-responses/continue-conversations-with-response-and-session-ids-2.py:10
flow_id = os.environ.get("FLOW_ID", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #f3dfd10d15b41f74 Environment-variable access.
repo/docs/docs/API-Reference/python-examples/api-openai-responses/continue-conversations-with-response-and-session-ids-2.py:11
api_key = os.environ.get("LANGFLOW_API_KEY", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #ca176b842cdcf19f Environment-variable access.
repo/docs/docs/API-Reference/python-examples/api-openai-responses/continue-conversations-with-response-and-session-ids-3.py:8
base = os.environ.get("LANGFLOW_URL") or os.environ.get("LANGFLOW_SERVER_URL", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #a5330cfd914181bc Environment-variable access.
repo/docs/docs/API-Reference/python-examples/api-openai-responses/continue-conversations-with-response-and-session-ids-3.py:9
flow_id = os.environ.get("FLOW_ID", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #4a285fb58132f33a Environment-variable access.
repo/docs/docs/API-Reference/python-examples/api-openai-responses/continue-conversations-with-response-and-session-ids-3.py:10
api_key = os.environ.get("LANGFLOW_API_KEY", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #b9dac4690bdd26c8 Environment-variable access.
repo/docs/docs/API-Reference/python-examples/api-openai-responses/continue-conversations-with-response-and-session-ids.py:5
base = os.environ.get("LANGFLOW_URL") or os.environ.get("LANGFLOW_SERVER_URL", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #563e16bac71fd1a0 Environment-variable access.
repo/docs/docs/API-Reference/python-examples/api-openai-responses/continue-conversations-with-response-and-session-ids.py:6
flow_id = os.environ.get("FLOW_ID", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #50536f0c6f6dca16 Environment-variable access.
repo/docs/docs/API-Reference/python-examples/api-openai-responses/continue-conversations-with-response-and-session-ids.py:7
api_key = os.environ.get("LANGFLOW_API_KEY", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #1f8d556853d25ee7 Environment-variable access.
repo/docs/docs/API-Reference/python-examples/api-openai-responses/example-request.py:5
url = f"{os.getenv('LANGFLOW_SERVER_URL', '')}/api/v1/responses"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #907bdf4fd9c103ce Environment-variable access.
repo/docs/docs/API-Reference/python-examples/api-openai-responses/example-request.py:8
    "x-api-key": f"{os.getenv('LANGFLOW_API_KEY', '')}",

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #58c529013be9888f Environment-variable access.
repo/docs/docs/API-Reference/python-examples/api-openai-responses/example-streaming-request.py:5
url = f"{os.getenv('LANGFLOW_SERVER_URL', '')}/api/v1/responses"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #488e13faa6294996 Environment-variable access.
repo/docs/docs/API-Reference/python-examples/api-openai-responses/example-streaming-request.py:8
    "x-api-key": f"{os.getenv('LANGFLOW_API_KEY', '')}",

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #95e0e3d226925233 Environment-variable access.
repo/docs/docs/API-Reference/python-examples/api-openai-responses/pass-global-variables-to-your-flows-in-headers.py:5
url = f"{os.getenv('LANGFLOW_SERVER_URL', '')}/api/v1/responses"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #7c44c6d34540f382 Environment-variable access.
repo/docs/docs/API-Reference/python-examples/api-openai-responses/pass-global-variables-to-your-flows-in-headers.py:8
    "x-api-key": f"{os.getenv('LANGFLOW_API_KEY', '')}",

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #f0bc75773cbb1ce3 Environment-variable access.
repo/docs/docs/API-Reference/python-examples/api-openai-responses/retrieve-tool-call-results.py:5
base = os.environ.get("LANGFLOW_URL") or os.environ.get("LANGFLOW_SERVER_URL", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #13a9067dfaec9246 Environment-variable access.
repo/docs/docs/API-Reference/python-examples/api-openai-responses/retrieve-tool-call-results.py:6
flow_id = os.environ.get("FLOW_ID", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #0fdd90728ddddeaf Environment-variable access.
repo/docs/docs/API-Reference/python-examples/api-openai-responses/retrieve-tool-call-results.py:7
api_key = os.environ.get("LANGFLOW_API_KEY", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #01e7576239767287 Environment-variable access.
repo/docs/docs/API-Reference/python-examples/api-openai-responses/token-usage-tracking.py:5
url = f"{os.getenv('LANGFLOW_SERVER_URL', '')}/api/v1/responses"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #6b145d228239b7ab Environment-variable access.
repo/docs/docs/API-Reference/python-examples/api-openai-responses/token-usage-tracking.py:8
    "x-api-key": f"{os.getenv('LANGFLOW_API_KEY', '')}",

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #95e17e580d0acf57 Environment-variable access.
repo/docs/docs/API-Reference/python-examples/api-projects/create-project-2.py:5
url = f"{os.getenv('LANGFLOW_URL', '')}/api/v1/projects/"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #4dcc398cbe5b81bc Environment-variable access.
repo/docs/docs/API-Reference/python-examples/api-projects/create-project-2.py:10
    "x-api-key": f"{os.getenv('LANGFLOW_API_KEY', '')}",

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #21a2515cd703206a Environment-variable access.
repo/docs/docs/API-Reference/python-examples/api-projects/create-project.py:5
url = f"{os.getenv('LANGFLOW_URL', '')}/api/v1/projects/"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #28cf68226e291027 Environment-variable access.
repo/docs/docs/API-Reference/python-examples/api-projects/create-project.py:9
    "x-api-key": f"{os.getenv('LANGFLOW_API_KEY', '')}",

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #4d6e82b682eb8f2d Environment-variable access.
repo/docs/docs/API-Reference/python-examples/api-projects/delete-project.py:5
base = os.environ.get("LANGFLOW_URL", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #d4341fab0e633464 Environment-variable access.
repo/docs/docs/API-Reference/python-examples/api-projects/delete-project.py:6
api_key = os.environ.get("LANGFLOW_API_KEY", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #b0f2179ba808fcf0 Environment-variable access.
repo/docs/docs/API-Reference/python-examples/api-projects/export-a-project.py:5
url = f"{os.getenv('LANGFLOW_URL', '')}/api/v1/projects/download/{os.getenv('PROJECT_ID', '')}"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #5e4d58e9f280360c Environment-variable access.
repo/docs/docs/API-Reference/python-examples/api-projects/export-a-project.py:9
    "x-api-key": f"{os.getenv('LANGFLOW_API_KEY', '')}",

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #0835d8d1fe2c3d23 Filesystem access.
repo/docs/docs/API-Reference/python-examples/api-projects/export-a-project.py:15
with open("langflow-project.zip", "wb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #6ee7e521fdd8c0ce Environment-variable access.
repo/docs/docs/API-Reference/python-examples/api-projects/import-a-project.py:6
base = os.environ.get("LANGFLOW_URL", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #a148413d5db3b3d8 Environment-variable access.
repo/docs/docs/API-Reference/python-examples/api-projects/import-a-project.py:7
api_key = os.environ.get("LANGFLOW_API_KEY", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #4effbc703a3fe4a2 Environment-variable access.
repo/docs/docs/API-Reference/python-examples/api-projects/import-a-project.py:11
import_path = Path(os.environ.get("PROJECT_IMPORT_JSON", str(default_json)))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #c3b9e1b843329e38 Filesystem access.
repo/docs/docs/API-Reference/python-examples/api-projects/import-a-project.py:15
files = {"file": (import_path.name, import_path.read_bytes(), "application/json")}

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #1fb26e91e206bf12 Environment-variable access.
repo/docs/docs/API-Reference/python-examples/api-projects/read-project.py:5
url = f"{os.getenv('LANGFLOW_URL', '')}/api/v1/projects/{os.getenv('PROJECT_ID', '')}"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #6ff929d66831cbba Environment-variable access.
repo/docs/docs/API-Reference/python-examples/api-projects/read-project.py:9
    "x-api-key": f"{os.getenv('LANGFLOW_API_KEY', '')}",

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #369b1f787e0f2f67 Environment-variable access.
repo/docs/docs/API-Reference/python-examples/api-projects/read-projects.py:5
url = f"{os.getenv('LANGFLOW_URL', '')}/api/v1/projects/"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #8a6661aede4171ae Environment-variable access.
repo/docs/docs/API-Reference/python-examples/api-projects/read-projects.py:9
    "x-api-key": f"{os.getenv('LANGFLOW_API_KEY', '')}",

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #62dbbcbe88505359 Environment-variable access.
repo/docs/docs/API-Reference/python-examples/api-projects/update-project.py:6
base = os.environ.get("LANGFLOW_URL") or os.environ.get("LANGFLOW_SERVER_URL", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #223bf4096ec39933 Environment-variable access.
repo/docs/docs/API-Reference/python-examples/api-projects/update-project.py:7
project_id = os.environ.get("PROJECT_ID", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #57f9a7733252b4fd Environment-variable access.
repo/docs/docs/API-Reference/python-examples/api-projects/update-project.py:8
api_key = os.environ.get("LANGFLOW_API_KEY", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #2abaf8c3ff5847ec Environment-variable access.
repo/docs/docs/API-Reference/python-examples/api-reference-api-examples/form-langflow-api-requests.py:5
base = os.environ.get("LANGFLOW_URL") or os.environ.get("LANGFLOW_SERVER_URL", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #7f5509f1c1101128 Environment-variable access.
repo/docs/docs/API-Reference/python-examples/api-reference-api-examples/form-langflow-api-requests.py:6
flow_id = os.environ.get("FLOW_ID", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #3bc411e784cabdbb Environment-variable access.
repo/docs/docs/API-Reference/python-examples/api-reference-api-examples/form-langflow-api-requests.py:7
api_key = os.environ.get("LANGFLOW_API_KEY", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #6731b1bc389b7fbd Environment-variable access.
repo/docs/docs/API-Reference/python-examples/api-reference-api-examples/get-all-components.py:5
url = f"{os.getenv('LANGFLOW_SERVER_URL', '')}/api/v1/all"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #a2bbb67516518020 Environment-variable access.
repo/docs/docs/API-Reference/python-examples/api-reference-api-examples/get-all-components.py:9
    "x-api-key": f"{os.getenv('LANGFLOW_API_KEY', '')}",

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #ceaaadd5a992bbe0 Environment-variable access.
repo/docs/docs/API-Reference/python-examples/api-reference-api-examples/get-configuration.py:5
url = f"{os.getenv('LANGFLOW_SERVER_URL', '')}/api/v1/config"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #845865d89e1877f5 Environment-variable access.
repo/docs/docs/API-Reference/python-examples/api-reference-api-examples/get-configuration.py:9
    "x-api-key": f"{os.getenv('LANGFLOW_API_KEY', '')}",

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #80a90c9db6d16157 Environment-variable access.
repo/docs/docs/API-Reference/python-examples/api-reference-api-examples/get-version.py:5
url = f"{os.getenv('LANGFLOW_SERVER_URL', '')}/api/v1/version"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #f3259640dee5a740 Environment-variable access.
repo/docs/docs/API-Reference/python-examples/api-reference-api-examples/health-check.py:5
url = f"{os.getenv('LANGFLOW_SERVER_URL', '')}/health_check"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #2784c4065ebf0e89 Environment-variable access.
repo/docs/docs/API-Reference/python-examples/api-users/add-user.py:6
base = os.environ.get("LANGFLOW_URL", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #6d4300cd1b63881f Environment-variable access.
repo/docs/docs/API-Reference/python-examples/api-users/add-user.py:7
api_key = os.environ.get("LANGFLOW_API_KEY", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #9ec627728fed42cf Environment-variable access.
repo/docs/docs/API-Reference/python-examples/api-users/delete-user.py:6
base = os.environ.get("LANGFLOW_URL", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #898f88c28dae574e Environment-variable access.
repo/docs/docs/API-Reference/python-examples/api-users/delete-user.py:7
api_key = os.environ.get("LANGFLOW_API_KEY", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #8ddfd8a8c8c3cd8e Environment-variable access.
repo/docs/docs/API-Reference/python-examples/api-users/get-current-user.py:5
url = f"{os.getenv('LANGFLOW_URL', '')}/api/v1/users/whoami"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #1306c3658aed2cec Environment-variable access.
repo/docs/docs/API-Reference/python-examples/api-users/get-current-user.py:9
    "x-api-key": f"{os.getenv('LANGFLOW_API_KEY', '')}",

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #7a37ab870c0051ad Environment-variable access.
repo/docs/docs/API-Reference/python-examples/api-users/list-all-users.py:5
url = f"{os.getenv('LANGFLOW_URL', '')}/api/v1/users/?skip=0&limit=10"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #d54d5193a3b4d590 Environment-variable access.
repo/docs/docs/API-Reference/python-examples/api-users/list-all-users.py:9
    "x-api-key": f"{os.getenv('LANGFLOW_API_KEY', '')}",

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #d977c6f645073823 Environment-variable access.
repo/docs/docs/API-Reference/python-examples/api-users/reset-password.py:5
base = os.environ.get("LANGFLOW_URL", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #ae2e323aa23f41a8 Environment-variable access.
repo/docs/docs/API-Reference/python-examples/api-users/reset-password.py:6
api_key = os.environ.get("LANGFLOW_API_KEY", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #bdf061daf5d7812c Environment-variable access.
repo/docs/docs/API-Reference/python-examples/api-users/update-user.py:5
base = os.environ.get("LANGFLOW_URL", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #2c024383c214cc60 Environment-variable access.
repo/docs/docs/API-Reference/python-examples/api-users/update-user.py:6
api_key = os.environ.get("LANGFLOW_API_KEY", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #3a6f0a9d24b3c2e8 Environment-variable access.
repo/docs/docs/API-Reference/python-examples/workflows-api/example-asynchronous-request.py:5
base = os.environ.get("LANGFLOW_URL") or os.environ.get("LANGFLOW_SERVER_URL", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #4d87b9b1b3c76b99 Environment-variable access.
repo/docs/docs/API-Reference/python-examples/workflows-api/example-asynchronous-request.py:6
flow_id = os.environ.get("FLOW_ID", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #896eee8feb0e11b0 Environment-variable access.
repo/docs/docs/API-Reference/python-examples/workflows-api/example-asynchronous-request.py:7
api_key = os.environ.get("LANGFLOW_API_KEY", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #a52b961849399cd5 Environment-variable access.
repo/docs/docs/API-Reference/python-examples/workflows-api/example-request-2.py:5
base = os.environ.get("LANGFLOW_URL") or os.environ.get("LANGFLOW_SERVER_URL", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #795e6b7749e41af7 Environment-variable access.
repo/docs/docs/API-Reference/python-examples/workflows-api/example-request-2.py:6
flow_id = os.environ.get("FLOW_ID", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #12e5582853620bca Environment-variable access.
repo/docs/docs/API-Reference/python-examples/workflows-api/example-request-2.py:7
api_key = os.environ.get("LANGFLOW_API_KEY", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #b9269d3843f7760a Environment-variable access.
repo/docs/docs/API-Reference/python-examples/workflows-api/example-request.py:5
base = os.environ.get("LANGFLOW_URL") or os.environ.get("LANGFLOW_SERVER_URL", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #4f8008ab83f66b33 Environment-variable access.
repo/docs/docs/API-Reference/python-examples/workflows-api/example-request.py:6
flow_id = os.environ.get("FLOW_ID", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #d08152884acc77a2 Environment-variable access.
repo/docs/docs/API-Reference/python-examples/workflows-api/example-request.py:7
api_key = os.environ.get("LANGFLOW_API_KEY", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #8d6bd97f9b77fbd2 Environment-variable access.
repo/docs/docs/API-Reference/python-examples/workflows-api/example-synchronous-request.py:5
base = os.environ.get("LANGFLOW_URL") or os.environ.get("LANGFLOW_SERVER_URL", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #6f1a63d259942eb6 Environment-variable access.
repo/docs/docs/API-Reference/python-examples/workflows-api/example-synchronous-request.py:6
flow_id = os.environ.get("FLOW_ID", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #a4101f6b4136815b Environment-variable access.
repo/docs/docs/API-Reference/python-examples/workflows-api/example-synchronous-request.py:7
api_key = os.environ.get("LANGFLOW_API_KEY", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #ffc0143088bfd74e Filesystem access.
repo/docs/openapi/fetch_openapi_spec.py:53
            (local_dir / filename).write_text(content, encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #df47f07a3b40b195 Environment-variable access.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-build/build-flow-and-stream-events-2.py:5
url = f"{os.getenv('LANGFLOW_URL', '')}/api/v1/build/{os.getenv('JOB_ID', '')}/events"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #32e9c6fd6b932bfa Environment-variable access.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-build/build-flow-and-stream-events-2.py:9
    "x-api-key": f"{os.getenv('LANGFLOW_API_KEY', '')}",

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #5ae6a425e93a1468 Environment-variable access.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-build/build-flow-and-stream-events-3.py:5
base = os.environ.get("LANGFLOW_URL") or os.environ.get("LANGFLOW_SERVER_URL", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #af52208a5940c56e Environment-variable access.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-build/build-flow-and-stream-events-3.py:6
job_id = os.environ.get("JOB_ID", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #88223aec29820747 Environment-variable access.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-build/build-flow-and-stream-events-3.py:7
api_key = os.environ.get("LANGFLOW_API_KEY", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #d9ef2cdf42d756eb Environment-variable access.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-build/build-flow-and-stream-events.py:5
url = f"{os.getenv('LANGFLOW_URL', '')}/api/v1/build/{os.getenv('FLOW_ID', '')}/flow"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #245f6859f71139dc Environment-variable access.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-build/build-flow-and-stream-events.py:10
    "x-api-key": f"{os.getenv('LANGFLOW_API_KEY', '')}",

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #f5ae2831621ecead Environment-variable access.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-build/override-flow-parameters.py:5
url = f"{os.getenv('LANGFLOW_URL', '')}/api/v1/build/{os.getenv('FLOW_ID', '')}/flow"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #498d991f649aca90 Environment-variable access.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-build/override-flow-parameters.py:10
    "x-api-key": f"{os.getenv('LANGFLOW_API_KEY', '')}",

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #767149c0b3881b2c Environment-variable access.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-build/set-start-and-stop-points.py:5
url = f"{os.getenv('LANGFLOW_URL', '')}/api/v1/build/{os.getenv('FLOW_ID', '')}/flow"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #b76a0d16c1b4138d Environment-variable access.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-build/set-start-and-stop-points.py:10
    "x-api-key": f"{os.getenv('LANGFLOW_API_KEY', '')}",

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #5c44c67fe3a96ca1 Environment-variable access.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-files/delete-all-files-v2.py:5
url = f"{os.getenv('LANGFLOW_URL', '')}/api/v2/files"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #c7f12196a5e38c30 Environment-variable access.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-files/delete-all-files-v2.py:9
    "x-api-key": f"{os.getenv('LANGFLOW_API_KEY', '')}",

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #52224b170558a6a5 Environment-variable access.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-files/delete-file-v1.py:6
    f"{os.getenv('LANGFLOW_URL', '')}/api/v1/files/delete/{os.getenv('FLOW_ID', '')}/2024-12-30_15-19-43_your_file.txt"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #3c562976a8cd96a8 Environment-variable access.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-files/delete-file-v1.py:11
    "x-api-key": f"{os.getenv('LANGFLOW_API_KEY', '')}",

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #9bf229692ee1be30 Environment-variable access.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-files/delete-file-v2.py:5
url = f"{os.getenv('LANGFLOW_URL', '')}/api/v2/files/{os.getenv('FILE_ID', '')}"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #fd4f71542d1f9677 Environment-variable access.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-files/delete-file-v2.py:9
    "x-api-key": f"{os.getenv('LANGFLOW_API_KEY', '')}",

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #a58a42569e78b116 Environment-variable access.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-files/download-file-v1.py:7
base = os.environ.get("LANGFLOW_URL", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #be05a414b044016f Environment-variable access.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-files/download-file-v1.py:8
flow_id = os.environ.get("FLOW_ID", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #1cffe1870b83fd78 Environment-variable access.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-files/download-file-v1.py:9
api_key = os.environ.get("LANGFLOW_API_KEY", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #43fcb954ec0b4f56 Environment-variable access.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-files/download-file-v1.py:12
upload_path = Path(os.environ.get("SAMPLE_UPLOAD_FILE", str(fixtures / "sample-upload.txt")))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #b91d9f468144c618 Filesystem access.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-files/download-file-v1.py:19
    files={"file": (upload_path.name, upload_path.read_bytes(), "text/plain")},

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #1d56dfd0e4f57904 Environment-variable access.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-files/download-file-v2.py:7
base = os.environ.get("LANGFLOW_URL", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #6b1f4eeffbcaf5c5 Environment-variable access.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-files/download-file-v2.py:8
api_key = os.environ.get("LANGFLOW_API_KEY", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #e662d2905cc08e22 Environment-variable access.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-files/download-file-v2.py:11
upload_path = Path(os.environ.get("SAMPLE_UPLOAD_FILE", str(fixtures / "sample-upload.txt")))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #d4c20f783c2be576 Filesystem access.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-files/download-file-v2.py:18
    files={"file": (upload_path.name, upload_path.read_bytes(), "text/plain")},

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #aba427910fcfdd97 Environment-variable access.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-files/edit-file-name-v2.py:8
base = os.environ.get("LANGFLOW_URL", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #0b876476a3ffe695 Environment-variable access.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-files/edit-file-name-v2.py:9
api_key = os.environ.get("LANGFLOW_API_KEY", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #88144cac06f8dab0 Environment-variable access.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-files/edit-file-name-v2.py:12
upload_path = Path(os.environ.get("SAMPLE_UPLOAD_FILE", str(fixtures / "sample-upload.txt")))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #e9dee12f4af1fc8f Filesystem access.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-files/edit-file-name-v2.py:19
    files={"file": (upload_path.name, upload_path.read_bytes(), "text/plain")},

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #ce3dd84343b64189 Environment-variable access.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-files/edit-file-name-v2.py:25
new_name = os.environ.get("RENAMED_FILE_BASENAME", "renamed-sample-upload")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #d2229528044d887b Environment-variable access.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-files/list-files-v1.py:5
url = f"{os.getenv('LANGFLOW_URL', '')}/api/v1/files/list/{os.getenv('FLOW_ID', '')}"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #7bc49e7a51ffb743 Environment-variable access.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-files/list-files-v1.py:9
    "x-api-key": f"{os.getenv('LANGFLOW_API_KEY', '')}",

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #73a4bd2d5a5fc9d7 Environment-variable access.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-files/list-files-v2.py:5
url = f"{os.getenv('LANGFLOW_URL', '')}/api/v2/files"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #e8f0d90bfc8f423f Environment-variable access.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-files/list-files-v2.py:9
    "x-api-key": f"{os.getenv('LANGFLOW_API_KEY', '')}",

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #c21b7234b671bd06 Environment-variable access.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-files/send-files-to-your-flows-v2-2.py:5
url = f"{os.getenv('LANGFLOW_URL', '')}/api/v1/run/{os.getenv('FLOW_ID', '')}"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #8ad4549c94f7ac17 Environment-variable access.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-files/send-files-to-your-flows-v2-2.py:9
    "x-api-key": f"{os.getenv('LANGFLOW_API_KEY', '')}",

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #55a43c71676df25c Environment-variable access.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-files/send-files-to-your-flows-v2.py:5
url = f"{os.getenv('LANGFLOW_URL', '')}/api/v2/files"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #07a2fae89573ed5f Environment-variable access.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-files/send-files-to-your-flows-v2.py:9
    "x-api-key": f"{os.getenv('LANGFLOW_API_KEY', '')}",

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #e133ba6771be4f29 Filesystem access.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-files/send-files-to-your-flows-v2.py:13
    "file": open(os.getenv("SAMPLE_UPLOAD_FILE", "docs/docs/API-Reference/fixtures/sample-upload.txt"), "rb"),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #5ee85f2f565d3c8a Environment-variable access.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-files/send-files-to-your-flows-v2.py:13
    "file": open(os.getenv("SAMPLE_UPLOAD_FILE", "docs/docs/API-Reference/fixtures/sample-upload.txt"), "rb"),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #fc2b74eab327306f Environment-variable access.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-files/upload-file-v1.py:5
url = f"{os.getenv('LANGFLOW_URL', '')}/api/v1/files/upload/{os.getenv('FLOW_ID', '')}"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #ecbd3df17abdd654 Environment-variable access.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-files/upload-file-v1.py:9
    "x-api-key": f"{os.getenv('LANGFLOW_API_KEY', '')}",

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #a97e64f9f76f12a1 Filesystem access.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-files/upload-file-v1.py:13
    "file": open(os.getenv("SAMPLE_UPLOAD_FILE", "docs/docs/API-Reference/fixtures/sample-upload.txt"), "rb"),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #9127c372c6201a35 Environment-variable access.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-files/upload-file-v1.py:13
    "file": open(os.getenv("SAMPLE_UPLOAD_FILE", "docs/docs/API-Reference/fixtures/sample-upload.txt"), "rb"),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #455216402e0fda1e Environment-variable access.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-files/upload-file-v2-2.py:5
url = f"{os.getenv('LANGFLOW_URL', '')}/api/v2/files"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #8145f2bf5dfa7b8b Environment-variable access.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-files/upload-file-v2-2.py:9
    "x-api-key": f"{os.getenv('LANGFLOW_API_KEY', '')}",

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #3af8c300d1adb7b1 Filesystem access.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-files/upload-file-v2-2.py:13
    "file": open(os.getenv("SAMPLE_UPLOAD_FILE", "docs/docs/API-Reference/fixtures/sample-upload.txt"), "rb"),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #c864731ca231ae4d Environment-variable access.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-files/upload-file-v2-2.py:13
    "file": open(os.getenv("SAMPLE_UPLOAD_FILE", "docs/docs/API-Reference/fixtures/sample-upload.txt"), "rb"),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #4210ae140f2164e8 Environment-variable access.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-files/upload-file-v2.py:5
url = f"{os.getenv('LANGFLOW_URL', '')}/api/v1/users/whoami"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #3140194e768976fd Environment-variable access.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-files/upload-file-v2.py:9
    "x-api-key": f"{os.getenv('LANGFLOW_API_KEY', '')}",

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #0112d0a38a29177b Environment-variable access.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-files/upload-image-files-v1-2.py:7
base = os.environ.get("LANGFLOW_URL", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #d5be1d600741a2d0 Environment-variable access.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-files/upload-image-files-v1-2.py:8
flow_id = os.environ.get("FLOW_ID", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #14a48115d51a76ca Environment-variable access.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-files/upload-image-files-v1-2.py:9
api_key = os.environ.get("LANGFLOW_API_KEY", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #3ccf207642d98134 Environment-variable access.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-files/upload-image-files-v1-2.py:12
image_path = Path(os.environ.get("SAMPLE_IMAGE_FILE", str(fixtures / "sample-upload.png")))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #e2b6c11706830138 Filesystem access.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-files/upload-image-files-v1-2.py:19
    files={"file": (image_path.name, image_path.read_bytes(), "image/png")},

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #ee0f46079ae940c0 Environment-variable access.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-files/upload-image-files-v1.py:5
url = f"{os.getenv('LANGFLOW_URL', '')}/api/v1/files/upload/{os.getenv('FLOW_ID', '')}"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #7830d654c56f8730 Environment-variable access.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-files/upload-image-files-v1.py:8
    "x-api-key": f"{os.getenv('LANGFLOW_API_KEY', '')}",

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #23820b49d5f06cf1 Filesystem access.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-files/upload-image-files-v1.py:12
    "file": open(os.getenv("SAMPLE_IMAGE_FILE", "docs/docs/API-Reference/fixtures/sample-upload.png"), "rb"),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #6d8a420a4b0185ea Environment-variable access.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-files/upload-image-files-v1.py:12
    "file": open(os.getenv("SAMPLE_IMAGE_FILE", "docs/docs/API-Reference/fixtures/sample-upload.png"), "rb"),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #d7ed7bb795f25e43 Environment-variable access.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-flows-run/pass-global-variables-in-request-headers.py:5
base = os.environ.get("LANGFLOW_URL") or os.environ.get("LANGFLOW_SERVER_URL", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #a4202c7b1e2cc6f0 Environment-variable access.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-flows-run/pass-global-variables-in-request-headers.py:6
flow_id = os.environ.get("FLOW_ID", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #276162c277f36a9b Environment-variable access.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-flows-run/pass-global-variables-in-request-headers.py:7
api_key = os.environ.get("LANGFLOW_API_KEY", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #fa587e7cdc3eafa8 Environment-variable access.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-flows-run/request-example-with-all-headers-and-parameters.py:5
base = os.environ.get("LANGFLOW_URL") or os.environ.get("LANGFLOW_SERVER_URL", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #4dd20b108e4fd372 Environment-variable access.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-flows-run/request-example-with-all-headers-and-parameters.py:6
flow_id = os.environ.get("FLOW_ID", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #3ae7dafdd56df270 Environment-variable access.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-flows-run/request-example-with-all-headers-and-parameters.py:7
api_key = os.environ.get("LANGFLOW_API_KEY", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #9a17e563f3eb2be1 Environment-variable access.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-flows-run/run-flow.py:5
base = os.environ.get("LANGFLOW_URL") or os.environ.get("LANGFLOW_SERVER_URL", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #5bf3acd15dad3db7 Environment-variable access.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-flows-run/run-flow.py:6
flow_id = os.environ.get("FLOW_ID", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #771f983a735a232e Environment-variable access.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-flows-run/run-flow.py:7
api_key = os.environ.get("LANGFLOW_API_KEY", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #651fee6f4c9b4613 Environment-variable access.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-flows-run/stream-llm-token-responses.py:5
url = f"{os.getenv('LANGFLOW_SERVER_URL', '')}/api/v1/run/{os.getenv('FLOW_ID', '')}?stream=true"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #954a0d9edccbaf51 Environment-variable access.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-flows-run/stream-llm-token-responses.py:10
    "x-api-key": f"{os.getenv('LANGFLOW_API_KEY', '')}",

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #2d7ad6e488db9345 Environment-variable access.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-flows-run/webhook-run-flow.py:5
base = os.environ.get("LANGFLOW_URL") or os.environ.get("LANGFLOW_SERVER_URL", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #a557dce33e618796 Environment-variable access.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-flows-run/webhook-run-flow.py:6
flow_id = os.environ.get("FLOW_ID", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #bea5f7809bb50896 Environment-variable access.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-flows-run/webhook-run-flow.py:7
api_key = os.environ.get("LANGFLOW_API_KEY", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #ade317cea10a8b02 Environment-variable access.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-flows/create-flow.py:5
url = f"{os.getenv('LANGFLOW_URL', '')}/api/v1/flows/"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #c9a98798cf244277 Environment-variable access.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-flows/create-flow.py:10
    "x-api-key": f"{os.getenv('LANGFLOW_API_KEY', '')}",

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #29088ad3fcd5116f Environment-variable access.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-flows/create-flows.py:6
base = os.environ.get("LANGFLOW_URL", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #98287493cae13f8a Environment-variable access.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-flows/create-flows.py:7
api_key = os.environ.get("LANGFLOW_API_KEY", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #9449890e4e51d31a Environment-variable access.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-flows/create-flows.py:8
folder_id = (os.environ.get("PROJECT_ID") or os.environ.get("FOLDER_ID") or "").strip()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #b17bf0d4c94c7822 Environment-variable access.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-flows/delete-flow.py:5
base = os.environ.get("LANGFLOW_URL", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #93c7accda153a6dd Environment-variable access.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-flows/delete-flow.py:6
api_key = os.environ.get("LANGFLOW_API_KEY", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #1a8bc02684a697d2 Environment-variable access.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-flows/export-flows.py:5
base = os.environ.get("LANGFLOW_URL", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #29ee2a85994da5c3 Environment-variable access.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-flows/export-flows.py:6
api_key = os.environ.get("LANGFLOW_API_KEY", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #ac49d258d774f0e4 Environment-variable access.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-flows/export-flows.py:7
flow_id = os.environ.get("FLOW_ID", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #515a119ee4bd3ea1 Environment-variable access.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-flows/export-flows.py:8
folder_id = os.environ.get("PROJECT_ID") or os.environ.get("FOLDER_ID", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #bd134a659d5d5f57 Filesystem access.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-flows/export-flows.py:36
with open("langflow-flows.zip", "wb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #65ac825b3093b21d Environment-variable access.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-flows/import-flows.py:5
url = f"{os.getenv('LANGFLOW_URL', '')}/api/v1/flows/upload/?folder_id={os.getenv('FOLDER_ID', '')}"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #9c65e391ee8bc1fd Environment-variable access.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-flows/import-flows.py:9
    "x-api-key": f"{os.getenv('LANGFLOW_API_KEY', '')}",

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #dc5cd6dc5b4c6923 Filesystem access.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-flows/import-flows.py:13
    "file": open(os.getenv("FLOW_IMPORT_FILE", "docs/docs/API-Reference/fixtures/flow-import.json"), "rb"),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #d34608873f30b747 Environment-variable access.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-flows/import-flows.py:13
    "file": open(os.getenv("FLOW_IMPORT_FILE", "docs/docs/API-Reference/fixtures/flow-import.json"), "rb"),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #81751479d3d6771c Environment-variable access.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-flows/read-flow.py:5
url = f"{os.getenv('LANGFLOW_URL', '')}/api/v1/flows/{os.getenv('FLOW_ID', '')}"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #4e4550668a2aaa75 Environment-variable access.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-flows/read-flow.py:9
    "x-api-key": f"{os.getenv('LANGFLOW_API_KEY', '')}",

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #24ceecea8b730489 Environment-variable access.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-flows/read-flows-2.py:5
url = f"{os.getenv('LANGFLOW_URL', '')}/api/v1/flows/?remove_example_flows=true&components_only=false&get_all=false&project_id={os.getenv('PROJECT_ID', '')}&header_flows=false&page=1&size=1"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #2a4b3a59de531093 Environment-variable access.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-flows/read-flows-2.py:9
    "x-api-key": f"{os.getenv('LANGFLOW_API_KEY', '')}",

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #2117fe2438c75b2d Environment-variable access.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-flows/read-flows.py:5
url = f"{os.getenv('LANGFLOW_URL', '')}/api/v1/flows/?remove_example_flows=false&components_only=false&get_all=true&header_flows=false&page=1&size=50"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #73dc843054119962 Environment-variable access.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-flows/read-flows.py:9
    "x-api-key": f"{os.getenv('LANGFLOW_API_KEY', '')}",

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #cfcd89faa52cb313 Environment-variable access.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-flows/read-sample-flows.py:5
url = f"{os.getenv('LANGFLOW_URL', '')}/api/v1/flows/basic_examples/"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #12be857f85182abf Environment-variable access.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-flows/read-sample-flows.py:9
    "x-api-key": f"{os.getenv('LANGFLOW_API_KEY', '')}",

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #53df150aec01308e Environment-variable access.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-flows/update-flow.py:6
base = os.environ.get("LANGFLOW_URL") or os.environ.get("LANGFLOW_SERVER_URL", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #75f4261854323659 Environment-variable access.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-flows/update-flow.py:7
flow_id = os.environ.get("FLOW_ID", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #55e19c3ce531e615 Environment-variable access.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-flows/update-flow.py:8
api_key = os.environ.get("LANGFLOW_API_KEY", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #b23c1194f3a2ae5a Environment-variable access.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-logs/retrieve-logs-with-optional-parameters.py:5
url = f"{os.getenv('LANGFLOW_URL', '')}/logs?lines_before=0&lines_after=0&timestamp=0"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #0cffa5a4b36fd671 Environment-variable access.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-logs/retrieve-logs-with-optional-parameters.py:9
    "x-api-key": f"{os.getenv('LANGFLOW_API_KEY', '')}",

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #8ee338f5b10e7c26 Environment-variable access.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-logs/stream-logs.py:5
base = os.environ.get("LANGFLOW_URL") or os.environ.get("LANGFLOW_SERVER_URL", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #f58e1dec9ab392b3 Environment-variable access.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-logs/stream-logs.py:6
api_key = os.environ.get("LANGFLOW_API_KEY", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #08a6d4c7ef1de9f8 Environment-variable access.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-monitor/delete-messages-by-session.py:5
url = f"{os.getenv('LANGFLOW_URL', '')}/api/v1/monitor/messages/session/different_session_id_2"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #c028465da3d55a44 Environment-variable access.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-monitor/delete-messages-by-session.py:9
    "x-api-key": f"{os.getenv('LANGFLOW_API_KEY', '')}",

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #a40e752d8276cb5a Environment-variable access.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-monitor/delete-messages.py:6
base = os.environ.get("LANGFLOW_URL", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #d8b598a56049fb13 Environment-variable access.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-monitor/delete-messages.py:7
api_key = os.environ.get("LANGFLOW_API_KEY", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #19427b1a41063bf8 Environment-variable access.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-monitor/delete-messages.py:8
flow_id = os.environ.get("FLOW_ID", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #40cd8916e6067c8d Environment-variable access.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-monitor/delete-vertex-builds.py:5
url = f"{os.getenv('LANGFLOW_URL', '')}/api/v1/monitor/builds?flow_id={os.getenv('FLOW_ID', '')}"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #99bc6c46929cb2cf Environment-variable access.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-monitor/delete-vertex-builds.py:9
    "x-api-key": f"{os.getenv('LANGFLOW_API_KEY', '')}",

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #739c59820b226fbc Environment-variable access.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-monitor/example-request.py:5
base_url = os.environ.get("LANGFLOW_URL") or os.environ.get("LANGFLOW_SERVER_URL", "http://127.0.0.1:7860")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #1c93c89c18462f98 Environment-variable access.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-monitor/example-request.py:6
api_key = os.environ.get("LANGFLOW_API_KEY", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #41c90f78cc405cb5 Environment-variable access.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-monitor/example-request.py:7
flow_id = os.environ.get("FLOW_ID", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #d4cce559a6e8e8f8 Environment-variable access.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-monitor/get-messages-2.py:5
url = f"{os.getenv('LANGFLOW_URL', '')}/api/v1/monitor/messages?flow_id={os.getenv('FLOW_ID', '')}&session_id=01ce083d-748b-4b8d-97b6-33adbb6a528a&sender=Machine&sender_name=AI&order_by=timestamp"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #62f431742c30653c Environment-variable access.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-monitor/get-messages-2.py:9
    "x-api-key": f"{os.getenv('LANGFLOW_API_KEY', '')}",

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #914b1e2f0f7d5acb Environment-variable access.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-monitor/get-messages.py:5
url = f"{os.getenv('LANGFLOW_URL', '')}/api/v1/monitor/messages"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #de3de3ba6075583e Environment-variable access.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-monitor/get-messages.py:9
    "x-api-key": f"{os.getenv('LANGFLOW_API_KEY', '')}",

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #1666c047022d36db Environment-variable access.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-monitor/get-transactions.py:5
url = f"{os.getenv('LANGFLOW_URL', '')}/api/v1/monitor/transactions?flow_id={os.getenv('FLOW_ID', '')}&page=1&size=50"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #2c97a59107f3cf32 Environment-variable access.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-monitor/get-transactions.py:9
    "x-api-key": f"{os.getenv('LANGFLOW_API_KEY', '')}",

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #a9ce0d1fbe2f0c91 Environment-variable access.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-monitor/get-vertex-builds.py:5
url = f"{os.getenv('LANGFLOW_URL', '')}/api/v1/monitor/builds?flow_id={os.getenv('FLOW_ID', '')}"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #91975098b8314f98 Environment-variable access.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-monitor/get-vertex-builds.py:9
    "x-api-key": f"{os.getenv('LANGFLOW_API_KEY', '')}",

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #0fd3202f42eea92d Environment-variable access.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-monitor/update-message.py:5
base = os.environ.get("LANGFLOW_URL", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #b98096690edce6e1 Environment-variable access.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-monitor/update-message.py:6
api_key = os.environ.get("LANGFLOW_API_KEY", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #420df7d5f65640d0 Environment-variable access.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-monitor/update-message.py:7
flow_id = os.environ.get("FLOW_ID", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #a2c863f88c16ab48 Environment-variable access.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-monitor/update-session-id.py:5
base = os.environ.get("LANGFLOW_URL", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #67e525403e8548aa Environment-variable access.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-monitor/update-session-id.py:6
api_key = os.environ.get("LANGFLOW_API_KEY", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #c8db842efce1c0ac Environment-variable access.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-monitor/update-session-id.py:7
flow_id = os.environ.get("FLOW_ID", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #ac4a962c1391687b Environment-variable access.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-openai-responses/additional-configuration-for-openai-client-libraries.py:5
base = (os.environ.get("LANGFLOW_URL") or os.environ.get("LANGFLOW_SERVER_URL", "")).rstrip("/")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #ae0ef1f6e3b9d2f7 Environment-variable access.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-openai-responses/additional-configuration-for-openai-client-libraries.py:6
api_key = os.environ.get("LANGFLOW_API_KEY", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #22cfc601f85efaf4 Environment-variable access.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-openai-responses/additional-configuration-for-openai-client-libraries.py:7
flow_id = os.environ.get("FLOW_ID", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #cf879fa01e177c1a Environment-variable access.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-openai-responses/continue-conversations-with-response-and-session-ids-2.py:9
base = os.environ.get("LANGFLOW_URL") or os.environ.get("LANGFLOW_SERVER_URL", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #f9d41324b1132849 Environment-variable access.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-openai-responses/continue-conversations-with-response-and-session-ids-2.py:10
flow_id = os.environ.get("FLOW_ID", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #ab0949155dcdd9c0 Environment-variable access.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-openai-responses/continue-conversations-with-response-and-session-ids-2.py:11
api_key = os.environ.get("LANGFLOW_API_KEY", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #209aa1c740101688 Environment-variable access.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-openai-responses/continue-conversations-with-response-and-session-ids-3.py:8
base = os.environ.get("LANGFLOW_URL") or os.environ.get("LANGFLOW_SERVER_URL", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #766ec815c84e5da3 Environment-variable access.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-openai-responses/continue-conversations-with-response-and-session-ids-3.py:9
flow_id = os.environ.get("FLOW_ID", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #5f3dbc188ba5ab8a Environment-variable access.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-openai-responses/continue-conversations-with-response-and-session-ids-3.py:10
api_key = os.environ.get("LANGFLOW_API_KEY", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #697d33a190cd5056 Environment-variable access.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-openai-responses/continue-conversations-with-response-and-session-ids.py:5
base = os.environ.get("LANGFLOW_URL") or os.environ.get("LANGFLOW_SERVER_URL", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #d604846b64118d0f Environment-variable access.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-openai-responses/continue-conversations-with-response-and-session-ids.py:6
flow_id = os.environ.get("FLOW_ID", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #292f5a9aaeb70223 Environment-variable access.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-openai-responses/continue-conversations-with-response-and-session-ids.py:7
api_key = os.environ.get("LANGFLOW_API_KEY", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #2e8c4ffd5deb91ae Environment-variable access.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-openai-responses/example-request.py:5
url = f"{os.getenv('LANGFLOW_SERVER_URL', '')}/api/v1/responses"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #4c4740602541e9fd Environment-variable access.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-openai-responses/example-request.py:8
    "x-api-key": f"{os.getenv('LANGFLOW_API_KEY', '')}",

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #4d431a21e123e706 Environment-variable access.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-openai-responses/example-streaming-request.py:5
url = f"{os.getenv('LANGFLOW_SERVER_URL', '')}/api/v1/responses"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #eb49463e60c319b9 Environment-variable access.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-openai-responses/example-streaming-request.py:8
    "x-api-key": f"{os.getenv('LANGFLOW_API_KEY', '')}",

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #859aa66cbf8ae71b Environment-variable access.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-openai-responses/pass-global-variables-to-your-flows-in-headers.py:5
url = f"{os.getenv('LANGFLOW_SERVER_URL', '')}/api/v1/responses"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #814b8b514a8c9709 Environment-variable access.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-openai-responses/pass-global-variables-to-your-flows-in-headers.py:8
    "x-api-key": f"{os.getenv('LANGFLOW_API_KEY', '')}",

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #13f7a3b11aeb2d8d Environment-variable access.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-openai-responses/retrieve-tool-call-results.py:5
base = os.environ.get("LANGFLOW_URL") or os.environ.get("LANGFLOW_SERVER_URL", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #c39b1ba3038524d3 Environment-variable access.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-openai-responses/retrieve-tool-call-results.py:6
flow_id = os.environ.get("FLOW_ID", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #47ca61008b084359 Environment-variable access.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-openai-responses/retrieve-tool-call-results.py:7
api_key = os.environ.get("LANGFLOW_API_KEY", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #d90ef555f0ae4f6f Environment-variable access.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-openai-responses/token-usage-tracking.py:5
url = f"{os.getenv('LANGFLOW_SERVER_URL', '')}/api/v1/responses"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #14b91097365f9600 Environment-variable access.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-openai-responses/token-usage-tracking.py:8
    "x-api-key": f"{os.getenv('LANGFLOW_API_KEY', '')}",

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #b0c92fd6ba7fddf9 Environment-variable access.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-projects/create-project-2.py:5
url = f"{os.getenv('LANGFLOW_URL', '')}/api/v1/projects/"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #0669d58ecd1d3bcb Environment-variable access.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-projects/create-project-2.py:10
    "x-api-key": f"{os.getenv('LANGFLOW_API_KEY', '')}",

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #1799653bca9fa452 Environment-variable access.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-projects/create-project.py:5
url = f"{os.getenv('LANGFLOW_URL', '')}/api/v1/projects/"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #01273fd2a75a8a34 Environment-variable access.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-projects/create-project.py:9
    "x-api-key": f"{os.getenv('LANGFLOW_API_KEY', '')}",

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #7a9527940c3cd2e5 Environment-variable access.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-projects/delete-project.py:5
base = os.environ.get("LANGFLOW_URL", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #eec05dc0baf585b9 Environment-variable access.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-projects/delete-project.py:6
api_key = os.environ.get("LANGFLOW_API_KEY", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #3e2a921847949302 Environment-variable access.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-projects/export-a-project.py:5
url = f"{os.getenv('LANGFLOW_URL', '')}/api/v1/projects/download/{os.getenv('PROJECT_ID', '')}"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #157197623bb221c2 Environment-variable access.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-projects/export-a-project.py:9
    "x-api-key": f"{os.getenv('LANGFLOW_API_KEY', '')}",

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #21c1bb392ca29554 Filesystem access.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-projects/export-a-project.py:15
with open("langflow-project.zip", "wb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #fa856ec5a247080b Environment-variable access.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-projects/import-a-project.py:6
base = os.environ.get("LANGFLOW_URL", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #1230d455f4f3b647 Environment-variable access.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-projects/import-a-project.py:7
api_key = os.environ.get("LANGFLOW_API_KEY", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #134b873be9133cd9 Environment-variable access.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-projects/import-a-project.py:11
import_path = Path(os.environ.get("PROJECT_IMPORT_JSON", str(default_json)))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #d9e3a1707dd744ef Filesystem access.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-projects/import-a-project.py:15
files = {"file": (import_path.name, import_path.read_bytes(), "application/json")}

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #7bafadb7cfb8231f Environment-variable access.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-projects/read-project.py:5
url = f"{os.getenv('LANGFLOW_URL', '')}/api/v1/projects/{os.getenv('PROJECT_ID', '')}"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #59f5e4a74eba5945 Environment-variable access.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-projects/read-project.py:9
    "x-api-key": f"{os.getenv('LANGFLOW_API_KEY', '')}",

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #f342a45eaaf7be6f Environment-variable access.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-projects/read-projects.py:5
url = f"{os.getenv('LANGFLOW_URL', '')}/api/v1/projects/"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #e2892020f26d0b40 Environment-variable access.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-projects/read-projects.py:9
    "x-api-key": f"{os.getenv('LANGFLOW_API_KEY', '')}",

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #4a7211b17b0f526f Environment-variable access.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-projects/update-project.py:6
base = os.environ.get("LANGFLOW_URL") or os.environ.get("LANGFLOW_SERVER_URL", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #95bc0f1c4d740cdd Environment-variable access.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-projects/update-project.py:7
project_id = os.environ.get("PROJECT_ID", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #3c1592e424386431 Environment-variable access.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-projects/update-project.py:8
api_key = os.environ.get("LANGFLOW_API_KEY", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #d8ddfdb6e0c21bc7 Environment-variable access.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-reference-api-examples/form-langflow-api-requests.py:5
base = os.environ.get("LANGFLOW_URL") or os.environ.get("LANGFLOW_SERVER_URL", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #4bdaa6d18369a773 Environment-variable access.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-reference-api-examples/form-langflow-api-requests.py:6
flow_id = os.environ.get("FLOW_ID", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #0f699852671b2444 Environment-variable access.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-reference-api-examples/form-langflow-api-requests.py:7
api_key = os.environ.get("LANGFLOW_API_KEY", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #71b8df26c1d66f05 Environment-variable access.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-reference-api-examples/get-all-components.py:5
url = f"{os.getenv('LANGFLOW_SERVER_URL', '')}/api/v1/all"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #2ecb1ab187863a6b Environment-variable access.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-reference-api-examples/get-all-components.py:9
    "x-api-key": f"{os.getenv('LANGFLOW_API_KEY', '')}",

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #199f12c5b9fb2fe9 Environment-variable access.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-reference-api-examples/get-configuration.py:5
url = f"{os.getenv('LANGFLOW_SERVER_URL', '')}/api/v1/config"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #fae11501b67be633 Environment-variable access.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-reference-api-examples/get-configuration.py:9
    "x-api-key": f"{os.getenv('LANGFLOW_API_KEY', '')}",

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #35916b7d61c4c609 Environment-variable access.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-reference-api-examples/get-version.py:5
url = f"{os.getenv('LANGFLOW_SERVER_URL', '')}/api/v1/version"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #d0246114eb0f162e Environment-variable access.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-reference-api-examples/health-check.py:5
url = f"{os.getenv('LANGFLOW_SERVER_URL', '')}/health_check"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #08fe3010fe639e7d Environment-variable access.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-users/add-user.py:6
base = os.environ.get("LANGFLOW_URL", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #7c6697e27ab5a18c Environment-variable access.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-users/add-user.py:7
api_key = os.environ.get("LANGFLOW_API_KEY", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #750df08f93173798 Environment-variable access.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-users/delete-user.py:6
base = os.environ.get("LANGFLOW_URL", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #b444cc1db36fa10b Environment-variable access.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-users/delete-user.py:7
api_key = os.environ.get("LANGFLOW_API_KEY", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #1bf5efa96b2cb000 Environment-variable access.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-users/get-current-user.py:5
url = f"{os.getenv('LANGFLOW_URL', '')}/api/v1/users/whoami"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #a7f9e5ec13c1b3ef Environment-variable access.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-users/get-current-user.py:9
    "x-api-key": f"{os.getenv('LANGFLOW_API_KEY', '')}",

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #c17ff2d017ca6c3c Environment-variable access.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-users/list-all-users.py:5
url = f"{os.getenv('LANGFLOW_URL', '')}/api/v1/users/?skip=0&limit=10"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #cf8cf12e890babd0 Environment-variable access.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-users/list-all-users.py:9
    "x-api-key": f"{os.getenv('LANGFLOW_API_KEY', '')}",

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #3123dcbc1fac08d5 Environment-variable access.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-users/reset-password.py:5
base = os.environ.get("LANGFLOW_URL", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #6c7f38321ed26280 Environment-variable access.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-users/reset-password.py:6
api_key = os.environ.get("LANGFLOW_API_KEY", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #7d92f8116b5c5947 Environment-variable access.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-users/update-user.py:5
base = os.environ.get("LANGFLOW_URL", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #6f0fb81a9abbc88c Environment-variable access.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/api-users/update-user.py:6
api_key = os.environ.get("LANGFLOW_API_KEY", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #d6573642551616bd Environment-variable access.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/workflows-api/example-asynchronous-request.py:5
base = os.environ.get("LANGFLOW_URL") or os.environ.get("LANGFLOW_SERVER_URL", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #011aa31be2fd338f Environment-variable access.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/workflows-api/example-asynchronous-request.py:6
flow_id = os.environ.get("FLOW_ID", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #519a568466eab437 Environment-variable access.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/workflows-api/example-asynchronous-request.py:7
api_key = os.environ.get("LANGFLOW_API_KEY", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #528e49ccbf1cc933 Environment-variable access.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/workflows-api/example-request-2.py:5
base = os.environ.get("LANGFLOW_URL") or os.environ.get("LANGFLOW_SERVER_URL", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #bacbd0d43e05753f Environment-variable access.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/workflows-api/example-request-2.py:6
flow_id = os.environ.get("FLOW_ID", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #9378c7a4228aa2c2 Environment-variable access.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/workflows-api/example-request-2.py:7
api_key = os.environ.get("LANGFLOW_API_KEY", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #3ddb0548fecc1043 Environment-variable access.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/workflows-api/example-request.py:5
base = os.environ.get("LANGFLOW_URL") or os.environ.get("LANGFLOW_SERVER_URL", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #32d6f971f7ce29aa Environment-variable access.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/workflows-api/example-request.py:6
flow_id = os.environ.get("FLOW_ID", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #6e8506e7f91fb95d Environment-variable access.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/workflows-api/example-request.py:7
api_key = os.environ.get("LANGFLOW_API_KEY", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #ca7e33d5d640ebcd Environment-variable access.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/workflows-api/example-synchronous-request.py:5
base = os.environ.get("LANGFLOW_URL") or os.environ.get("LANGFLOW_SERVER_URL", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #966f429ddbe4dc90 Environment-variable access.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/workflows-api/example-synchronous-request.py:6
flow_id = os.environ.get("FLOW_ID", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #820f739fee403686 Environment-variable access.
repo/docs/versioned_docs/version-1.10.0/API-Reference/python-examples/workflows-api/example-synchronous-request.py:7
api_key = os.environ.get("LANGFLOW_API_KEY", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #56043d5c764c170a Environment-variable access.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-build/build-flow-and-stream-events-2.py:5
url = f"{os.getenv('LANGFLOW_URL', '')}/api/v1/build/{os.getenv('JOB_ID', '')}/events"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #5f352152a14a93f5 Environment-variable access.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-build/build-flow-and-stream-events-2.py:9
    "x-api-key": f"{os.getenv('LANGFLOW_API_KEY', '')}",

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #e8ecf5d92a001462 Environment-variable access.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-build/build-flow-and-stream-events-3.py:5
base = os.environ.get("LANGFLOW_URL") or os.environ.get("LANGFLOW_SERVER_URL", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #482fb720f6408f8c Environment-variable access.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-build/build-flow-and-stream-events-3.py:6
job_id = os.environ.get("JOB_ID", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #54215765739d7ff7 Environment-variable access.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-build/build-flow-and-stream-events-3.py:7
api_key = os.environ.get("LANGFLOW_API_KEY", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #bbf441e6f12635d9 Environment-variable access.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-build/build-flow-and-stream-events.py:5
url = f"{os.getenv('LANGFLOW_URL', '')}/api/v1/build/{os.getenv('FLOW_ID', '')}/flow"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #1860d55420758b15 Environment-variable access.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-build/build-flow-and-stream-events.py:10
    "x-api-key": f"{os.getenv('LANGFLOW_API_KEY', '')}",

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #e5e48506bde3ba2d Environment-variable access.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-build/override-flow-parameters.py:5
url = f"{os.getenv('LANGFLOW_URL', '')}/api/v1/build/{os.getenv('FLOW_ID', '')}/flow"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #c0845a319fd5a4d7 Environment-variable access.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-build/override-flow-parameters.py:10
    "x-api-key": f"{os.getenv('LANGFLOW_API_KEY', '')}",

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #82b000f0a1778212 Environment-variable access.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-build/set-start-and-stop-points.py:5
url = f"{os.getenv('LANGFLOW_URL', '')}/api/v1/build/{os.getenv('FLOW_ID', '')}/flow"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #3e213d9ff408ba07 Environment-variable access.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-build/set-start-and-stop-points.py:10
    "x-api-key": f"{os.getenv('LANGFLOW_API_KEY', '')}",

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #3f3611c7048dd2a5 Environment-variable access.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-files/delete-all-files-v2.py:5
url = f"{os.getenv('LANGFLOW_URL', '')}/api/v2/files"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #fdc8cb5048f50e2c Environment-variable access.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-files/delete-all-files-v2.py:9
    "x-api-key": f"{os.getenv('LANGFLOW_API_KEY', '')}",

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #cd8572d64b9640fc Environment-variable access.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-files/delete-file-v1.py:6
    f"{os.getenv('LANGFLOW_URL', '')}/api/v1/files/delete/{os.getenv('FLOW_ID', '')}/2024-12-30_15-19-43_your_file.txt"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #70140e1dfc869b36 Environment-variable access.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-files/delete-file-v1.py:11
    "x-api-key": f"{os.getenv('LANGFLOW_API_KEY', '')}",

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #40c3296253341803 Environment-variable access.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-files/delete-file-v2.py:5
url = f"{os.getenv('LANGFLOW_URL', '')}/api/v2/files/{os.getenv('FILE_ID', '')}"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #6033776a008d161d Environment-variable access.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-files/delete-file-v2.py:9
    "x-api-key": f"{os.getenv('LANGFLOW_API_KEY', '')}",

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #cc9fbfe442d6ff97 Environment-variable access.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-files/download-file-v1.py:7
base = os.environ.get("LANGFLOW_URL", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #39cc90fa569e8daf Environment-variable access.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-files/download-file-v1.py:8
flow_id = os.environ.get("FLOW_ID", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #3636324d4c414046 Environment-variable access.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-files/download-file-v1.py:9
api_key = os.environ.get("LANGFLOW_API_KEY", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #0a13b7c30134dceb Environment-variable access.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-files/download-file-v1.py:12
upload_path = Path(os.environ.get("SAMPLE_UPLOAD_FILE", str(fixtures / "sample-upload.txt")))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #1d9d03bedcdda38b Filesystem access.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-files/download-file-v1.py:19
    files={"file": (upload_path.name, upload_path.read_bytes(), "text/plain")},

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #f5c1a6b4ca5cbd59 Environment-variable access.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-files/download-file-v2.py:7
base = os.environ.get("LANGFLOW_URL", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #f3f353dc60579508 Environment-variable access.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-files/download-file-v2.py:8
api_key = os.environ.get("LANGFLOW_API_KEY", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #00c3c5f228fa7415 Environment-variable access.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-files/download-file-v2.py:11
upload_path = Path(os.environ.get("SAMPLE_UPLOAD_FILE", str(fixtures / "sample-upload.txt")))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #3200a80b35e723df Filesystem access.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-files/download-file-v2.py:18
    files={"file": (upload_path.name, upload_path.read_bytes(), "text/plain")},

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #227e03cf1cf81800 Environment-variable access.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-files/edit-file-name-v2.py:8
base = os.environ.get("LANGFLOW_URL", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #e178429fdbff4af4 Environment-variable access.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-files/edit-file-name-v2.py:9
api_key = os.environ.get("LANGFLOW_API_KEY", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #35663d83ad4416f4 Environment-variable access.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-files/edit-file-name-v2.py:12
upload_path = Path(os.environ.get("SAMPLE_UPLOAD_FILE", str(fixtures / "sample-upload.txt")))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #7c410ea2985424b2 Filesystem access.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-files/edit-file-name-v2.py:19
    files={"file": (upload_path.name, upload_path.read_bytes(), "text/plain")},

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #7c9d35acbc15205b Environment-variable access.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-files/edit-file-name-v2.py:25
new_name = os.environ.get("RENAMED_FILE_BASENAME", "renamed-sample-upload")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #4afcdf894d8d2b4d Environment-variable access.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-files/list-files-v1.py:5
url = f"{os.getenv('LANGFLOW_URL', '')}/api/v1/files/list/{os.getenv('FLOW_ID', '')}"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #49756a5cad9df34b Environment-variable access.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-files/list-files-v1.py:9
    "x-api-key": f"{os.getenv('LANGFLOW_API_KEY', '')}",

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #537a2159e28f0f33 Environment-variable access.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-files/list-files-v2.py:5
url = f"{os.getenv('LANGFLOW_URL', '')}/api/v2/files"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #4b8f30981280c5a4 Environment-variable access.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-files/list-files-v2.py:9
    "x-api-key": f"{os.getenv('LANGFLOW_API_KEY', '')}",

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #0a795a921cbd93e3 Environment-variable access.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-files/send-files-to-your-flows-v2-2.py:5
url = f"{os.getenv('LANGFLOW_URL', '')}/api/v1/run/{os.getenv('FLOW_ID', '')}"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #e6fb72170b3a7746 Environment-variable access.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-files/send-files-to-your-flows-v2-2.py:9
    "x-api-key": f"{os.getenv('LANGFLOW_API_KEY', '')}",

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #1fffea2c21bea4ce Environment-variable access.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-files/send-files-to-your-flows-v2.py:5
url = f"{os.getenv('LANGFLOW_URL', '')}/api/v2/files"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #25f9264d3d3c875b Environment-variable access.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-files/send-files-to-your-flows-v2.py:9
    "x-api-key": f"{os.getenv('LANGFLOW_API_KEY', '')}",

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #ed3b58e847d8e1ee Filesystem access.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-files/send-files-to-your-flows-v2.py:13
    "file": open(os.getenv("SAMPLE_UPLOAD_FILE", "docs/docs/API-Reference/fixtures/sample-upload.txt"), "rb"),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #3605f35d4bcad2fe Environment-variable access.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-files/send-files-to-your-flows-v2.py:13
    "file": open(os.getenv("SAMPLE_UPLOAD_FILE", "docs/docs/API-Reference/fixtures/sample-upload.txt"), "rb"),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #93f3ff954f31cd43 Environment-variable access.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-files/upload-file-v1.py:5
url = f"{os.getenv('LANGFLOW_URL', '')}/api/v1/files/upload/{os.getenv('FLOW_ID', '')}"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #9f26d34ad3d92deb Environment-variable access.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-files/upload-file-v1.py:9
    "x-api-key": f"{os.getenv('LANGFLOW_API_KEY', '')}",

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #f2a47c937714d15e Filesystem access.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-files/upload-file-v1.py:13
    "file": open(os.getenv("SAMPLE_UPLOAD_FILE", "docs/docs/API-Reference/fixtures/sample-upload.txt"), "rb"),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #c3d4c85db6628aa1 Environment-variable access.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-files/upload-file-v1.py:13
    "file": open(os.getenv("SAMPLE_UPLOAD_FILE", "docs/docs/API-Reference/fixtures/sample-upload.txt"), "rb"),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #adc541bec81c9e92 Environment-variable access.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-files/upload-file-v2-2.py:5
url = f"{os.getenv('LANGFLOW_URL', '')}/api/v2/files"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #17964a874422adff Environment-variable access.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-files/upload-file-v2-2.py:9
    "x-api-key": f"{os.getenv('LANGFLOW_API_KEY', '')}",

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #3974b1ac98f7f56f Filesystem access.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-files/upload-file-v2-2.py:13
    "file": open(os.getenv("SAMPLE_UPLOAD_FILE", "docs/docs/API-Reference/fixtures/sample-upload.txt"), "rb"),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #f0dfdfea847193f4 Environment-variable access.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-files/upload-file-v2-2.py:13
    "file": open(os.getenv("SAMPLE_UPLOAD_FILE", "docs/docs/API-Reference/fixtures/sample-upload.txt"), "rb"),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #a896ea9ff60bc1cd Environment-variable access.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-files/upload-file-v2.py:5
url = f"{os.getenv('LANGFLOW_URL', '')}/api/v1/users/whoami"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #f475ef91b69cfe78 Environment-variable access.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-files/upload-file-v2.py:9
    "x-api-key": f"{os.getenv('LANGFLOW_API_KEY', '')}",

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #b236f67482595335 Environment-variable access.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-files/upload-image-files-v1-2.py:7
base = os.environ.get("LANGFLOW_URL", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #e114014956dcd010 Environment-variable access.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-files/upload-image-files-v1-2.py:8
flow_id = os.environ.get("FLOW_ID", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #003051672b651a3f Environment-variable access.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-files/upload-image-files-v1-2.py:9
api_key = os.environ.get("LANGFLOW_API_KEY", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #3bba9fdf50628e63 Environment-variable access.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-files/upload-image-files-v1-2.py:12
image_path = Path(os.environ.get("SAMPLE_IMAGE_FILE", str(fixtures / "sample-upload.png")))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #4b9562bcea18cc74 Filesystem access.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-files/upload-image-files-v1-2.py:19
    files={"file": (image_path.name, image_path.read_bytes(), "image/png")},

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #0057f939c0e065b4 Environment-variable access.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-files/upload-image-files-v1.py:5
url = f"{os.getenv('LANGFLOW_URL', '')}/api/v1/files/upload/{os.getenv('FLOW_ID', '')}"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #104c30e0c01cb73e Environment-variable access.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-files/upload-image-files-v1.py:8
    "x-api-key": f"{os.getenv('LANGFLOW_API_KEY', '')}",

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #d3ddd177e449d7e3 Filesystem access.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-files/upload-image-files-v1.py:12
    "file": open(os.getenv("SAMPLE_IMAGE_FILE", "docs/docs/API-Reference/fixtures/sample-upload.png"), "rb"),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #8e6fd05dd7242a5c Environment-variable access.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-files/upload-image-files-v1.py:12
    "file": open(os.getenv("SAMPLE_IMAGE_FILE", "docs/docs/API-Reference/fixtures/sample-upload.png"), "rb"),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #5ff4c111aa3a713c Environment-variable access.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-flows-run/pass-global-variables-in-request-headers.py:5
base = os.environ.get("LANGFLOW_URL") or os.environ.get("LANGFLOW_SERVER_URL", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #3c79cd53b0642375 Environment-variable access.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-flows-run/pass-global-variables-in-request-headers.py:6
flow_id = os.environ.get("FLOW_ID", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #25363122e347c062 Environment-variable access.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-flows-run/pass-global-variables-in-request-headers.py:7
api_key = os.environ.get("LANGFLOW_API_KEY", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #d248c9cf1f1b8130 Environment-variable access.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-flows-run/request-example-with-all-headers-and-parameters.py:5
base = os.environ.get("LANGFLOW_URL") or os.environ.get("LANGFLOW_SERVER_URL", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #ac0a3e58db200fc6 Environment-variable access.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-flows-run/request-example-with-all-headers-and-parameters.py:6
flow_id = os.environ.get("FLOW_ID", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #181413dcdb6b35a1 Environment-variable access.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-flows-run/request-example-with-all-headers-and-parameters.py:7
api_key = os.environ.get("LANGFLOW_API_KEY", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #bbc1d5a5e36bbe63 Environment-variable access.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-flows-run/run-flow.py:5
base = os.environ.get("LANGFLOW_URL") or os.environ.get("LANGFLOW_SERVER_URL", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #55fac1bd3215506d Environment-variable access.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-flows-run/run-flow.py:6
flow_id = os.environ.get("FLOW_ID", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #96075d2b1a1e7b6f Environment-variable access.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-flows-run/run-flow.py:7
api_key = os.environ.get("LANGFLOW_API_KEY", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #4101cf450545a873 Environment-variable access.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-flows-run/stream-llm-token-responses.py:5
url = f"{os.getenv('LANGFLOW_SERVER_URL', '')}/api/v1/run/{os.getenv('FLOW_ID', '')}?stream=true"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #ce10be34d452c266 Environment-variable access.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-flows-run/stream-llm-token-responses.py:10
    "x-api-key": f"{os.getenv('LANGFLOW_API_KEY', '')}",

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #55fb49a5b5397135 Environment-variable access.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-flows-run/webhook-run-flow.py:5
base = os.environ.get("LANGFLOW_URL") or os.environ.get("LANGFLOW_SERVER_URL", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #1aa6499191fdbbca Environment-variable access.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-flows-run/webhook-run-flow.py:6
flow_id = os.environ.get("FLOW_ID", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #2bc045c2e630d399 Environment-variable access.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-flows-run/webhook-run-flow.py:7
api_key = os.environ.get("LANGFLOW_API_KEY", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #5558be7b60945fb3 Environment-variable access.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-flows/create-flow.py:5
url = f"{os.getenv('LANGFLOW_URL', '')}/api/v1/flows/"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #35328798edb716bd Environment-variable access.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-flows/create-flow.py:10
    "x-api-key": f"{os.getenv('LANGFLOW_API_KEY', '')}",

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #23cbe5caa3318de9 Environment-variable access.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-flows/create-flows.py:6
base = os.environ.get("LANGFLOW_URL", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #31366c2df642bcc6 Environment-variable access.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-flows/create-flows.py:7
api_key = os.environ.get("LANGFLOW_API_KEY", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #dab8459f33e4ef62 Environment-variable access.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-flows/create-flows.py:8
folder_id = (os.environ.get("PROJECT_ID") or os.environ.get("FOLDER_ID") or "").strip()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #23c7cf998020e424 Environment-variable access.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-flows/delete-flow.py:5
base = os.environ.get("LANGFLOW_URL", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #2823333210a468e4 Environment-variable access.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-flows/delete-flow.py:6
api_key = os.environ.get("LANGFLOW_API_KEY", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #ba118f88aeb11989 Environment-variable access.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-flows/export-flows.py:5
base = os.environ.get("LANGFLOW_URL", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #c4a5f54f6ce5a233 Environment-variable access.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-flows/export-flows.py:6
api_key = os.environ.get("LANGFLOW_API_KEY", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #d09d23afb592a630 Environment-variable access.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-flows/export-flows.py:7
flow_id = os.environ.get("FLOW_ID", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #9821cbe9dc8603bc Environment-variable access.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-flows/export-flows.py:8
folder_id = os.environ.get("PROJECT_ID") or os.environ.get("FOLDER_ID", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #4bbcf47edabc74d6 Filesystem access.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-flows/export-flows.py:36
with open("langflow-flows.zip", "wb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #a5c45e79d400a8ce Environment-variable access.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-flows/import-flows.py:5
url = f"{os.getenv('LANGFLOW_URL', '')}/api/v1/flows/upload/?folder_id={os.getenv('FOLDER_ID', '')}"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #f41aa450d03cc545 Environment-variable access.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-flows/import-flows.py:9
    "x-api-key": f"{os.getenv('LANGFLOW_API_KEY', '')}",

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #03b997a021b4d663 Filesystem access.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-flows/import-flows.py:13
    "file": open(os.getenv("FLOW_IMPORT_FILE", "docs/docs/API-Reference/fixtures/flow-import.json"), "rb"),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #2fce2aec60ab46c2 Environment-variable access.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-flows/import-flows.py:13
    "file": open(os.getenv("FLOW_IMPORT_FILE", "docs/docs/API-Reference/fixtures/flow-import.json"), "rb"),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #7c00b66adc243df9 Environment-variable access.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-flows/read-flow.py:5
url = f"{os.getenv('LANGFLOW_URL', '')}/api/v1/flows/{os.getenv('FLOW_ID', '')}"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #a708ccf181f55d1b Environment-variable access.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-flows/read-flow.py:9
    "x-api-key": f"{os.getenv('LANGFLOW_API_KEY', '')}",

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #28c0272452c9cf44 Environment-variable access.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-flows/read-flows-2.py:5
url = f"{os.getenv('LANGFLOW_URL', '')}/api/v1/flows/?remove_example_flows=true&components_only=false&get_all=false&project_id={os.getenv('PROJECT_ID', '')}&header_flows=false&page=1&size=1"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #2fdbe352cf294afd Environment-variable access.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-flows/read-flows-2.py:9
    "x-api-key": f"{os.getenv('LANGFLOW_API_KEY', '')}",

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #4c4d1fc8f633e752 Environment-variable access.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-flows/read-flows.py:5
url = f"{os.getenv('LANGFLOW_URL', '')}/api/v1/flows/?remove_example_flows=false&components_only=false&get_all=true&header_flows=false&page=1&size=50"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #473f03223c2bb94a Environment-variable access.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-flows/read-flows.py:9
    "x-api-key": f"{os.getenv('LANGFLOW_API_KEY', '')}",

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #181002230fc5183f Environment-variable access.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-flows/read-sample-flows.py:5
url = f"{os.getenv('LANGFLOW_URL', '')}/api/v1/flows/basic_examples/"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #a098d2bb77cbfb2c Environment-variable access.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-flows/read-sample-flows.py:9
    "x-api-key": f"{os.getenv('LANGFLOW_API_KEY', '')}",

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #d5715d30162c555e Environment-variable access.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-flows/update-flow.py:6
base = os.environ.get("LANGFLOW_URL") or os.environ.get("LANGFLOW_SERVER_URL", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #0e6c2ca2e217d252 Environment-variable access.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-flows/update-flow.py:7
flow_id = os.environ.get("FLOW_ID", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #7ba17a8ba3d6cd19 Environment-variable access.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-flows/update-flow.py:8
api_key = os.environ.get("LANGFLOW_API_KEY", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #72ca8bee4b475d52 Environment-variable access.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-logs/retrieve-logs-with-optional-parameters.py:5
url = f"{os.getenv('LANGFLOW_URL', '')}/logs?lines_before=0&lines_after=0&timestamp=0"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #3fe1dc7f97a58e92 Environment-variable access.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-logs/retrieve-logs-with-optional-parameters.py:9
    "x-api-key": f"{os.getenv('LANGFLOW_API_KEY', '')}",

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #6c14e909ef9dc4b5 Environment-variable access.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-logs/stream-logs.py:5
base = os.environ.get("LANGFLOW_URL") or os.environ.get("LANGFLOW_SERVER_URL", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #9b4be4ad4f3e1a21 Environment-variable access.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-logs/stream-logs.py:6
api_key = os.environ.get("LANGFLOW_API_KEY", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #b6424b46a1b405c7 Environment-variable access.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-monitor/delete-messages-by-session.py:5
url = f"{os.getenv('LANGFLOW_URL', '')}/api/v1/monitor/messages/session/different_session_id_2"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #f15a534c15292149 Environment-variable access.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-monitor/delete-messages-by-session.py:9
    "x-api-key": f"{os.getenv('LANGFLOW_API_KEY', '')}",

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #ba1da69ad8ab9f53 Environment-variable access.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-monitor/delete-messages.py:6
base = os.environ.get("LANGFLOW_URL", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #d2b742d691e64f3e Environment-variable access.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-monitor/delete-messages.py:7
api_key = os.environ.get("LANGFLOW_API_KEY", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #b3876d9ce7259a7a Environment-variable access.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-monitor/delete-messages.py:8
flow_id = os.environ.get("FLOW_ID", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #eb1ced1184951fd3 Environment-variable access.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-monitor/delete-vertex-builds.py:5
url = f"{os.getenv('LANGFLOW_URL', '')}/api/v1/monitor/builds?flow_id={os.getenv('FLOW_ID', '')}"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #13da64444527d406 Environment-variable access.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-monitor/delete-vertex-builds.py:9
    "x-api-key": f"{os.getenv('LANGFLOW_API_KEY', '')}",

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #79b092ffd2716565 Environment-variable access.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-monitor/example-request.py:5
base_url = os.environ.get("LANGFLOW_URL") or os.environ.get("LANGFLOW_SERVER_URL", "http://127.0.0.1:7860")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #75ae8af7774699c7 Environment-variable access.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-monitor/example-request.py:6
api_key = os.environ.get("LANGFLOW_API_KEY", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #848415c0de258db0 Environment-variable access.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-monitor/example-request.py:7
flow_id = os.environ.get("FLOW_ID", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #02004bcbcf0a9000 Environment-variable access.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-monitor/get-messages-2.py:5
url = f"{os.getenv('LANGFLOW_URL', '')}/api/v1/monitor/messages?flow_id={os.getenv('FLOW_ID', '')}&session_id=01ce083d-748b-4b8d-97b6-33adbb6a528a&sender=Machine&sender_name=AI&order_by=timestamp"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #7acd913215aff1c9 Environment-variable access.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-monitor/get-messages-2.py:9
    "x-api-key": f"{os.getenv('LANGFLOW_API_KEY', '')}",

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #27b42cf5166c9280 Environment-variable access.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-monitor/get-messages.py:5
url = f"{os.getenv('LANGFLOW_URL', '')}/api/v1/monitor/messages"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #4b162ced8a380bac Environment-variable access.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-monitor/get-messages.py:9
    "x-api-key": f"{os.getenv('LANGFLOW_API_KEY', '')}",

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #3bc474df795e730d Environment-variable access.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-monitor/get-transactions.py:5
url = f"{os.getenv('LANGFLOW_URL', '')}/api/v1/monitor/transactions?flow_id={os.getenv('FLOW_ID', '')}&page=1&size=50"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #c35dd011bfa312f6 Environment-variable access.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-monitor/get-transactions.py:9
    "x-api-key": f"{os.getenv('LANGFLOW_API_KEY', '')}",

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #772b5fcfcb6169f6 Environment-variable access.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-monitor/get-vertex-builds.py:5
url = f"{os.getenv('LANGFLOW_URL', '')}/api/v1/monitor/builds?flow_id={os.getenv('FLOW_ID', '')}"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #5939619e260919f1 Environment-variable access.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-monitor/get-vertex-builds.py:9
    "x-api-key": f"{os.getenv('LANGFLOW_API_KEY', '')}",

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #15bb458030af0f6f Environment-variable access.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-monitor/update-message.py:5
base = os.environ.get("LANGFLOW_URL", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #eccbd8a563968200 Environment-variable access.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-monitor/update-message.py:6
api_key = os.environ.get("LANGFLOW_API_KEY", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #1282b568e8796758 Environment-variable access.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-monitor/update-message.py:7
flow_id = os.environ.get("FLOW_ID", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #f13dc48927d6be98 Environment-variable access.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-monitor/update-session-id.py:5
base = os.environ.get("LANGFLOW_URL", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #c0530ade1c2a59b0 Environment-variable access.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-monitor/update-session-id.py:6
api_key = os.environ.get("LANGFLOW_API_KEY", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #0b8c51480c31a3ac Environment-variable access.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-monitor/update-session-id.py:7
flow_id = os.environ.get("FLOW_ID", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #d0e66c4317a11d3b Environment-variable access.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-openai-responses/additional-configuration-for-openai-client-libraries.py:5
base = (os.environ.get("LANGFLOW_URL") or os.environ.get("LANGFLOW_SERVER_URL", "")).rstrip("/")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #2678c4ce6c7c8fd9 Environment-variable access.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-openai-responses/additional-configuration-for-openai-client-libraries.py:6
api_key = os.environ.get("LANGFLOW_API_KEY", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #77edd2735f8a0fa7 Environment-variable access.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-openai-responses/additional-configuration-for-openai-client-libraries.py:7
flow_id = os.environ.get("FLOW_ID", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #60ea708b666dfa6b Environment-variable access.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-openai-responses/continue-conversations-with-response-and-session-ids-2.py:9
base = os.environ.get("LANGFLOW_URL") or os.environ.get("LANGFLOW_SERVER_URL", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #6252b0073d4f01c7 Environment-variable access.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-openai-responses/continue-conversations-with-response-and-session-ids-2.py:10
flow_id = os.environ.get("FLOW_ID", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #ca266a2bd4befad4 Environment-variable access.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-openai-responses/continue-conversations-with-response-and-session-ids-2.py:11
api_key = os.environ.get("LANGFLOW_API_KEY", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #a54f175df4f09873 Environment-variable access.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-openai-responses/continue-conversations-with-response-and-session-ids-3.py:8
base = os.environ.get("LANGFLOW_URL") or os.environ.get("LANGFLOW_SERVER_URL", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #9a1f52998c2799cb Environment-variable access.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-openai-responses/continue-conversations-with-response-and-session-ids-3.py:9
flow_id = os.environ.get("FLOW_ID", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #b619eb1dc38ac79b Environment-variable access.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-openai-responses/continue-conversations-with-response-and-session-ids-3.py:10
api_key = os.environ.get("LANGFLOW_API_KEY", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #ebacd46ac9b41d1b Environment-variable access.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-openai-responses/continue-conversations-with-response-and-session-ids.py:5
base = os.environ.get("LANGFLOW_URL") or os.environ.get("LANGFLOW_SERVER_URL", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #deaf7f3cd921aa54 Environment-variable access.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-openai-responses/continue-conversations-with-response-and-session-ids.py:6
flow_id = os.environ.get("FLOW_ID", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #c1eca1f2190cc8a7 Environment-variable access.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-openai-responses/continue-conversations-with-response-and-session-ids.py:7
api_key = os.environ.get("LANGFLOW_API_KEY", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #4931e06ccd4b8ef6 Environment-variable access.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-openai-responses/example-request.py:5
url = f"{os.getenv('LANGFLOW_SERVER_URL', '')}/api/v1/responses"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #b35aa693375e4694 Environment-variable access.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-openai-responses/example-request.py:8
    "x-api-key": f"{os.getenv('LANGFLOW_API_KEY', '')}",

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #3d4f74a3858558f7 Environment-variable access.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-openai-responses/example-streaming-request.py:5
url = f"{os.getenv('LANGFLOW_SERVER_URL', '')}/api/v1/responses"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #71e69fcb0648ea61 Environment-variable access.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-openai-responses/example-streaming-request.py:8
    "x-api-key": f"{os.getenv('LANGFLOW_API_KEY', '')}",

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #aba0e32ca2af530f Environment-variable access.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-openai-responses/pass-global-variables-to-your-flows-in-headers.py:5
url = f"{os.getenv('LANGFLOW_SERVER_URL', '')}/api/v1/responses"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #4974affc4a8b0cdc Environment-variable access.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-openai-responses/pass-global-variables-to-your-flows-in-headers.py:8
    "x-api-key": f"{os.getenv('LANGFLOW_API_KEY', '')}",

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #89603e6deba075e6 Environment-variable access.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-openai-responses/retrieve-tool-call-results.py:5
base = os.environ.get("LANGFLOW_URL") or os.environ.get("LANGFLOW_SERVER_URL", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #52b9dff878663f81 Environment-variable access.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-openai-responses/retrieve-tool-call-results.py:6
flow_id = os.environ.get("FLOW_ID", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #f8a829e01ace01a6 Environment-variable access.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-openai-responses/retrieve-tool-call-results.py:7
api_key = os.environ.get("LANGFLOW_API_KEY", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #2a57b207f50877c2 Environment-variable access.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-openai-responses/token-usage-tracking.py:5
url = f"{os.getenv('LANGFLOW_SERVER_URL', '')}/api/v1/responses"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #d8b48e1693e68036 Environment-variable access.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-openai-responses/token-usage-tracking.py:8
    "x-api-key": f"{os.getenv('LANGFLOW_API_KEY', '')}",

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #a41a5f4e816bbed0 Environment-variable access.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-projects/create-project-2.py:5
url = f"{os.getenv('LANGFLOW_URL', '')}/api/v1/projects/"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #66e495fde1fe9edf Environment-variable access.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-projects/create-project-2.py:10
    "x-api-key": f"{os.getenv('LANGFLOW_API_KEY', '')}",

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #e509e7ed5ab3bbec Environment-variable access.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-projects/create-project.py:5
url = f"{os.getenv('LANGFLOW_URL', '')}/api/v1/projects/"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #9f6472e3b13116e1 Environment-variable access.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-projects/create-project.py:9
    "x-api-key": f"{os.getenv('LANGFLOW_API_KEY', '')}",

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #e33e80b031a239b3 Environment-variable access.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-projects/delete-project.py:5
base = os.environ.get("LANGFLOW_URL", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #7b81128392d33211 Environment-variable access.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-projects/delete-project.py:6
api_key = os.environ.get("LANGFLOW_API_KEY", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #04ef656e51ee81e2 Environment-variable access.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-projects/export-a-project.py:5
url = f"{os.getenv('LANGFLOW_URL', '')}/api/v1/projects/download/{os.getenv('PROJECT_ID', '')}"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #05dc59b1cfa96681 Environment-variable access.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-projects/export-a-project.py:9
    "x-api-key": f"{os.getenv('LANGFLOW_API_KEY', '')}",

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #f1a770b918d67c5d Filesystem access.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-projects/export-a-project.py:15
with open("langflow-project.zip", "wb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #4b9ca9f55360ef3a Environment-variable access.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-projects/import-a-project.py:6
base = os.environ.get("LANGFLOW_URL", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #6d79f59609ad7d59 Environment-variable access.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-projects/import-a-project.py:7
api_key = os.environ.get("LANGFLOW_API_KEY", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #e9aebd743aaae9f2 Environment-variable access.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-projects/import-a-project.py:11
import_path = Path(os.environ.get("PROJECT_IMPORT_JSON", str(default_json)))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #c20ffc68f8dc6431 Filesystem access.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-projects/import-a-project.py:15
files = {"file": (import_path.name, import_path.read_bytes(), "application/json")}

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #9312ea24b678ea9e Environment-variable access.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-projects/read-project.py:5
url = f"{os.getenv('LANGFLOW_URL', '')}/api/v1/projects/{os.getenv('PROJECT_ID', '')}"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #ff96b09c158cc6d3 Environment-variable access.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-projects/read-project.py:9
    "x-api-key": f"{os.getenv('LANGFLOW_API_KEY', '')}",

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #c1c425bc1ab1714c Environment-variable access.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-projects/read-projects.py:5
url = f"{os.getenv('LANGFLOW_URL', '')}/api/v1/projects/"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #8a4b1753951a22a1 Environment-variable access.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-projects/read-projects.py:9
    "x-api-key": f"{os.getenv('LANGFLOW_API_KEY', '')}",

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #00becab6bb6f0c64 Environment-variable access.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-projects/update-project.py:6
base = os.environ.get("LANGFLOW_URL") or os.environ.get("LANGFLOW_SERVER_URL", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #dd9cae144e2784c8 Environment-variable access.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-projects/update-project.py:7
project_id = os.environ.get("PROJECT_ID", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #5baedcc2310ea80e Environment-variable access.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-projects/update-project.py:8
api_key = os.environ.get("LANGFLOW_API_KEY", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #7dfadfbba02bd15e Environment-variable access.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-reference-api-examples/form-langflow-api-requests.py:5
base = os.environ.get("LANGFLOW_URL") or os.environ.get("LANGFLOW_SERVER_URL", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #d08df32ac7e46885 Environment-variable access.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-reference-api-examples/form-langflow-api-requests.py:6
flow_id = os.environ.get("FLOW_ID", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #84f9d81ec2fa63ca Environment-variable access.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-reference-api-examples/form-langflow-api-requests.py:7
api_key = os.environ.get("LANGFLOW_API_KEY", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #23d20cfe1e85b197 Environment-variable access.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-reference-api-examples/get-all-components.py:5
url = f"{os.getenv('LANGFLOW_SERVER_URL', '')}/api/v1/all"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #e618dc143e9b7293 Environment-variable access.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-reference-api-examples/get-all-components.py:9
    "x-api-key": f"{os.getenv('LANGFLOW_API_KEY', '')}",

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #a3b045f8067cce8a Environment-variable access.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-reference-api-examples/get-configuration.py:5
url = f"{os.getenv('LANGFLOW_SERVER_URL', '')}/api/v1/config"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #3bc2b4932dc979d7 Environment-variable access.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-reference-api-examples/get-configuration.py:9
    "x-api-key": f"{os.getenv('LANGFLOW_API_KEY', '')}",

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #67313aad0dd2a976 Environment-variable access.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-reference-api-examples/get-version.py:5
url = f"{os.getenv('LANGFLOW_SERVER_URL', '')}/api/v1/version"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #552adcfcdb3eb95d Environment-variable access.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-reference-api-examples/health-check.py:5
url = f"{os.getenv('LANGFLOW_SERVER_URL', '')}/health_check"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #c1976c260ec91cd3 Environment-variable access.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-users/add-user.py:6
base = os.environ.get("LANGFLOW_URL", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #803c6736e21e3642 Environment-variable access.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-users/add-user.py:7
api_key = os.environ.get("LANGFLOW_API_KEY", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #d06224073b982d5c Environment-variable access.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-users/delete-user.py:6
base = os.environ.get("LANGFLOW_URL", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #e54243cb75d7fc17 Environment-variable access.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-users/delete-user.py:7
api_key = os.environ.get("LANGFLOW_API_KEY", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #5e041e5c618f70c7 Environment-variable access.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-users/get-current-user.py:5
url = f"{os.getenv('LANGFLOW_URL', '')}/api/v1/users/whoami"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #c7f4054e2324fe53 Environment-variable access.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-users/get-current-user.py:9
    "x-api-key": f"{os.getenv('LANGFLOW_API_KEY', '')}",

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #8564597b75bdd5ae Environment-variable access.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-users/list-all-users.py:5
url = f"{os.getenv('LANGFLOW_URL', '')}/api/v1/users/?skip=0&limit=10"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #1f86b41b783eb199 Environment-variable access.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-users/list-all-users.py:9
    "x-api-key": f"{os.getenv('LANGFLOW_API_KEY', '')}",

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #9cc59f3051715f74 Environment-variable access.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-users/reset-password.py:5
base = os.environ.get("LANGFLOW_URL", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #a3e60638aa3259e2 Environment-variable access.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-users/reset-password.py:6
api_key = os.environ.get("LANGFLOW_API_KEY", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #831e8d1f6b68c457 Environment-variable access.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-users/update-user.py:5
base = os.environ.get("LANGFLOW_URL", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #ab1bbdda74844f9e Environment-variable access.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/api-users/update-user.py:6
api_key = os.environ.get("LANGFLOW_API_KEY", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #89612d46ccef7f9f Environment-variable access.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/workflows-api/example-asynchronous-request.py:5
base = os.environ.get("LANGFLOW_URL") or os.environ.get("LANGFLOW_SERVER_URL", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #8208fef8e8f4b89e Environment-variable access.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/workflows-api/example-asynchronous-request.py:6
flow_id = os.environ.get("FLOW_ID", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #aa21313ac75ba0d7 Environment-variable access.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/workflows-api/example-asynchronous-request.py:7
api_key = os.environ.get("LANGFLOW_API_KEY", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #f0d2eeeb094b4405 Environment-variable access.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/workflows-api/example-request-2.py:5
base = os.environ.get("LANGFLOW_URL") or os.environ.get("LANGFLOW_SERVER_URL", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #8d2e24a3a04204fb Environment-variable access.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/workflows-api/example-request-2.py:6
flow_id = os.environ.get("FLOW_ID", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #d1ddb99b847176b1 Environment-variable access.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/workflows-api/example-request-2.py:7
api_key = os.environ.get("LANGFLOW_API_KEY", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #ab9c27723c29b653 Environment-variable access.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/workflows-api/example-request.py:5
base = os.environ.get("LANGFLOW_URL") or os.environ.get("LANGFLOW_SERVER_URL", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #0508d80e984a9667 Environment-variable access.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/workflows-api/example-request.py:6
flow_id = os.environ.get("FLOW_ID", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #19145ba0d38c67d6 Environment-variable access.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/workflows-api/example-request.py:7
api_key = os.environ.get("LANGFLOW_API_KEY", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #fe720cf5002171fc Environment-variable access.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/workflows-api/example-synchronous-request.py:5
base = os.environ.get("LANGFLOW_URL") or os.environ.get("LANGFLOW_SERVER_URL", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #d92a647ba63d66ee Environment-variable access.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/workflows-api/example-synchronous-request.py:6
flow_id = os.environ.get("FLOW_ID", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #af6fc505413ed196 Environment-variable access.
repo/docs/versioned_docs/version-1.9.0/API-Reference/python-examples/workflows-api/example-synchronous-request.py:7
api_key = os.environ.get("LANGFLOW_API_KEY", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #854559ec4c2b1814 Filesystem access.
repo/scripts/build_component_index.py:182
    output_path.write_text(json_bytes.decode("utf-8") + "\n", encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #21907a2be27cbb5a Filesystem access.
repo/scripts/check_deprecated_imports.py:48
            content = py_file.read_text(encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #fa15a67e4c6b3963 Filesystem access.
repo/scripts/ci/lfx_nightly_tag.py:28
    pyproject_data = tomllib.loads(lfx_pyproject_path.read_text())

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #743e7ad0298e0cd3 Filesystem access.
repo/scripts/ci/pypi_nightly_tag.py:50
    pyproject_data = tomllib.loads(pyproject_path.read_text())

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #1a0c6b608ff961e3 Filesystem access.
repo/scripts/ci/sdk_nightly_tag.py:22
    pyproject_data = tomllib.loads(sdk_pyproject_path.read_text())

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #4b78bf00c67b8eb0 Filesystem access.
repo/scripts/ci/sync_bundle_lfx_pin.py:96
        original = pyproject.read_text(encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #776bf8163b63606a Filesystem access.
repo/scripts/ci/sync_bundle_lfx_pin.py:99
            pyproject.write_text(updated, encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #e95a57f99f895bb7 Filesystem access.
repo/scripts/ci/test_update_lf_base_dependency.py:38
    path.write_text(content, encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #2cc4755db964263f Filesystem access.
repo/scripts/ci/test_update_lf_base_dependency.py:46
    result = pyproject.read_text(encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #59ab37115398fcdc Filesystem access.
repo/scripts/ci/test_update_lf_base_dependency.py:63
    once = pyproject.read_text(encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #8ada0708a0b59a5b Filesystem access.
repo/scripts/ci/test_update_lf_base_dependency.py:65
    twice = pyproject.read_text(encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #36709f9d5c2f60f6 Filesystem access.
repo/scripts/ci/test_update_lf_base_dependency.py:71
    path.write_text('[project]\ndependencies = ["langflow-base~=1.11.0"]\n', encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #4bf00a1843947f62 Filesystem access.
repo/scripts/ci/test_update_lf_base_dependency.py:80
    pyproject.write_text(pyproject.read_text(encoding="utf-8") + extra, encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #e44f80ee33d6dc9a Filesystem access.
repo/scripts/ci/test_update_lf_base_dependency.py:82
    result = pyproject.read_text(encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #54ae8e09fcf4d489 Filesystem access.
repo/scripts/ci/update_bundle_versions.py:73
    content = pyproject_path.read_text(encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #62c81e314cfe3ce2 Filesystem access.
repo/scripts/ci/update_bundle_versions.py:99
    pyproject_path.write_text(content, encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #ed8a1d7d162f7bce Filesystem access.
repo/scripts/ci/update_bundle_versions.py:116
    content = root_pyproject.read_text(encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #b73b5be253bbb62c Filesystem access.
repo/scripts/ci/update_bundle_versions.py:135
    root_pyproject.write_text(content, encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #181b3b80b0fa46eb Filesystem access.
repo/scripts/ci/update_lf_base_dependency.py:16
    content = filepath.read_text(encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #24337170fb0c9e3c Filesystem access.
repo/scripts/ci/update_lf_base_dependency.py:39
    filepath.write_text(content, encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #173df42a6058ded6 Filesystem access.
repo/scripts/ci/update_lf_base_dependency.py:45
    content = filepath.read_text(encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #4181e3343070e671 Filesystem access.
repo/scripts/ci/update_lf_base_dependency.py:66
    filepath.write_text(content, encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #3f3d66f87491db28 Filesystem access.
repo/scripts/ci/update_lfx_version.py:34
    content = filepath.read_text(encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #870234bedbd5c628 Filesystem access.
repo/scripts/ci/update_lfx_version.py:44
    filepath.write_text(content, encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #6e50a63b178dea40 Filesystem access.
repo/scripts/ci/update_pyproject_name.py:22
    content = filepath.read_text(encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #16cf72141a382675 Filesystem access.
repo/scripts/ci/update_pyproject_name.py:47
    filepath.write_text(content, encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #020b878a95628a14 Filesystem access.
repo/scripts/ci/update_pyproject_name.py:53
    content = filepath.read_text(encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #9a2a76256ec50f29 Filesystem access.
repo/scripts/ci/update_pyproject_name.py:73
    filepath.write_text(content, encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #4e1d2a0e1eb3bd3a Filesystem access.
repo/scripts/ci/update_pyproject_version.py:16
    content = filepath.read_text(encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #a119f5f75c7792ac Filesystem access.
repo/scripts/ci/update_pyproject_version.py:27
    filepath.write_text(content, encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #0b6fcb44f2e64519 Environment-variable access.
repo/scripts/ci/update_starter_projects.py:31
        do_update_starter_projects = os.environ.get("LANGFLOW_UPDATE_STARTER_PROJECTS", "true").lower() == "true"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #aac08e4da7c7ba46 Filesystem access.
repo/scripts/ci/update_uv_dependency.py:16
    content = pyproject_path.read_text(encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #62adbd108f5c0f9b Filesystem access.
repo/scripts/ci/update_uv_dependency.py:42
    pyproject_path.write_text(content, encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #a1ca35b343e7f842 Environment-variable access.
repo/scripts/e2e_deployment_tests/watsonx_orchestrate/adapter.py:2314
        iterations_raw = os.getenv("WXO_CONCURRENCY_REPEAT", str(DEFAULT_CONCURRENCY_ITERATIONS)).strip()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #0037eb04723fa4d5 Environment-variable access.
repo/scripts/e2e_deployment_tests/watsonx_orchestrate/adapter.py:3572
    value = os.getenv(name, "").strip()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #d2564762f0411d91 Environment-variable access.
repo/scripts/e2e_deployment_tests/watsonx_orchestrate/adapter.py:3581
    parser.add_argument("--project-id", default=os.getenv("WXO_PROJECT_ID", "e2e-project"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #d03de16dc5f9ab2c Environment-variable access.
repo/scripts/e2e_deployment_tests/watsonx_orchestrate/adapter.py:3582
    parser.add_argument("--mode", choices=["live", "failpoint", "both"], default=os.getenv("WXO_E2E_MODE", "both"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #c46014a7d10be0bb Environment-variable access.
repo/scripts/e2e_deployment_tests/watsonx_orchestrate/adapter.py:3583
    parser.add_argument("--llm", default=os.getenv("WXO_DEFAULT_LLM", DEFAULT_WXO_LLM))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #8dbdf7d9d2d4c013 Filesystem access.
repo/scripts/e2e_deployment_tests/watsonx_orchestrate/api.py:1971
            raw = starter_path.read_text(encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #c5eb189bd3bc908a Environment-variable access.
repo/scripts/e2e_deployment_tests/watsonx_orchestrate/api.py:2061
    parser.add_argument("--base-url", default=os.getenv("LANGFLOW_BASE_URL", "http://localhost:7860"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #b1baad0ba537b163 Environment-variable access.
repo/scripts/e2e_deployment_tests/watsonx_orchestrate/api.py:2062
    parser.add_argument("--api-key", default=os.getenv("LANGFLOW_API_KEY", ""))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #2eb32dab484c4af6 Environment-variable access.
repo/scripts/e2e_deployment_tests/watsonx_orchestrate/api.py:2063
    parser.add_argument("--instance-url", default=os.getenv("WXO_INSTANCE_URL", ""))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #12b5fa54f13a98ac Environment-variable access.
repo/scripts/e2e_deployment_tests/watsonx_orchestrate/api.py:2064
    parser.add_argument("--provider-api-key", default=os.getenv("WXO_API_KEY", ""))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #409feaaa9a484b98 Environment-variable access.
repo/scripts/e2e_deployment_tests/watsonx_orchestrate/api.py:2065
    parser.add_argument("--provider-tenant-id", default=os.getenv("WXO_TENANT_ID"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #b3ceabf5c5018c70 Environment-variable access.
repo/scripts/e2e_deployment_tests/watsonx_orchestrate/api.py:2066
    parser.add_argument("--provider-key", default=os.getenv("WXO_PROVIDER_KEY", "watsonx-orchestrate"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #eaa349330aa6e01e Environment-variable access.
repo/scripts/e2e_deployment_tests/watsonx_orchestrate/api.py:2069
        default=os.getenv("WXO_E2E_FLOW_VERSION_IDS", ""),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #fd689664b045a950 Environment-variable access.
repo/scripts/e2e_deployment_tests/watsonx_orchestrate/api.py:2072
    parser.add_argument("--project-id", default=os.getenv("LANGFLOW_PROJECT_ID"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #66b2334774e1dbf9 Environment-variable access.
repo/scripts/e2e_deployment_tests/watsonx_orchestrate/api.py:2075
        default=os.getenv("WXO_E2E_STARTER_PROJECT_FILES", ""),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #83c7fe50b98ab8e7 Environment-variable access.
repo/scripts/e2e_deployment_tests/watsonx_orchestrate/api.py:2084
        default=int(os.getenv("WXO_E2E_STARTER_PROJECT_COUNT", "2")),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #ff22106ef7cbfe66 Environment-variable access.
repo/scripts/e2e_deployment_tests/watsonx_orchestrate/api.py:2087
    parser.add_argument("--mode", choices=["live", "failpoint", "both"], default=os.getenv("WXO_E2E_MODE", "both"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #2d9ca2d04506b03a Environment-variable access.
repo/scripts/e2e_deployment_tests/watsonx_orchestrate/api.py:2088
    parser.add_argument("--llm", default=os.getenv("WXO_DEFAULT_LLM", DEFAULT_WXO_LLM))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #265a149d6210631c Environment-variable access.
repo/scripts/e2e_deployment_tests/watsonx_orchestrate/api.py:2092
        default=int(os.getenv("WXO_E2E_TIMEOUT_SECS", str(DEFAULT_TIMEOUT_SECS))),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #4eaf44a62154f6de Environment-variable access.
repo/scripts/e2e_deployment_tests/watsonx_orchestrate/api.py:2097
        default=int(os.getenv("WXO_CONCURRENCY_REPEAT", str(DEFAULT_CONCURRENCY_REPEAT))),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #30a3c711a7379323 Environment-variable access.
repo/scripts/e2e_deployment_tests/watsonx_orchestrate/api.py:2102
        default=os.getenv("WXO_E2E_TEST_SUBSET", "full"),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #ecd2c87e608c0ae0 Environment-variable access.
repo/scripts/gp/check_backend_status.py:25
GP_BACKEND_BUNDLE = os.getenv("GP_BACKEND_BUNDLE", "langflow-ui-backend-v2")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #6f9771d020f411c9 Filesystem access.
repo/scripts/gp/check_backend_status.py:108
    en_data = json.loads(DEFAULT_SOURCE.read_text(encoding="utf-8"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #f2c7dbc3658f0cd9 Environment-variable access.
repo/scripts/gp/download.py:21
GP_BACKEND_BUNDLE = os.getenv("GP_BACKEND_BUNDLE", "langflow-ui-backend-v2")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #a86aa0cb44a8e4f0 Filesystem access.
repo/scripts/gp/download.py:62
                output_file.write_text(json.dumps(strings, ensure_ascii=False, indent=2), encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #1890a8421d58f4e5 Filesystem access.
repo/scripts/gp/download.py:89
                output_file.write_text(json.dumps(strings, ensure_ascii=False, indent=2), encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #40a9adeaa3c27be1 Filesystem access.
repo/scripts/gp/extract_backend_strings.py:216
            existing = OUTPUT_PATH.read_text(encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #0920271df3665fc7 Filesystem access.
repo/scripts/gp/extract_backend_strings.py:228
    OUTPUT_PATH.write_text(new_content, encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #6c33badf40dd7a8b Environment-variable access.
repo/scripts/gp/gp_client.py:19
GP_USER_ID = os.getenv("GP_ADMIN_USER_ID")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #a3acad7f9a486d4b Environment-variable access.
repo/scripts/gp/gp_client.py:20
GP_PASSWORD = os.getenv("GP_ADMIN_PASSWORD")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #427fc03c7069870d Environment-variable access.
repo/scripts/gp/gp_client.py:21
GP_INSTANCE = os.getenv("GP_INSTANCE", "langflow-test")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #b7a0b71db21f6dd5 Environment-variable access.
repo/scripts/gp/gp_client.py:22
GP_BUNDLE = os.getenv("GP_BUNDLE", "langflow-ui")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #6159bed9424a49f2 Environment-variable access.
repo/scripts/gp/gp_client.py:25
VERIFY_SSL = os.getenv("GP_VERIFY_SSL", "true").lower() != "false"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #65ed71deec2320bf Environment-variable access.
repo/scripts/gp/upload.py:28
GP_BACKEND_BUNDLE = os.getenv("GP_BACKEND_BUNDLE", "langflow-ui-backend-v2")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #efd823868911efbb Filesystem access.
repo/scripts/gp/upload.py:78
        strings = json.loads(source_path.read_text(encoding="utf-8"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #af8775c33dd9d3ef Filesystem access.
repo/scripts/gp/upload.py:99
        strings = json.loads(source_path.read_text(encoding="utf-8"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #2b02c4dcf2b64fa7 Filesystem access.
repo/scripts/lint/check_component_env_writes.py:182
        tree = ast.parse(path.read_text(encoding="utf-8"), filename=str(path))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #046860b290aa13db Filesystem access.
repo/scripts/migrate/check_bare_names.py:94
        source = file_path.read_text(encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #370e4c97a329aaaa Filesystem access.
repo/scripts/migrate/check_bare_names.py:244
        table = json.loads(args.table.read_text(encoding="utf-8"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #984b5ae64199fd23 Filesystem access.
repo/scripts/migrate/check_bundle_api_changelog.py:112
    for raw in path.read_text(encoding="utf-8").splitlines():

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #4c6250c312097928 Filesystem access.
repo/scripts/migrate/check_migration_append_only.py:225
    current_raw = args.current.read_text(encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #fae3dc7591d87665 Filesystem access.
repo/scripts/migrate/check_migration_append_only.py:231
        baseline_raw = args.baseline.read_text(encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #cacbd1cd3034b931 Filesystem access.
repo/scripts/migrate/check_router_trust.py:303
        source = path.read_text(encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #5147686a12520f63 Filesystem access.
repo/scripts/migrate/port_bundle.py:80
    lfx_pyproject = (REPO_ROOT / "src" / "lfx" / "pyproject.toml").read_text(encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #21264f4861e8031c Filesystem access.
repo/scripts/migrate/port_bundle.py:298
        text = src.read_text(encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #5f67b1b46f976d47 Filesystem access.
repo/scripts/migrate/port_bundle.py:402
            path.write_text(content, encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #b0b1ad84f1c7b280 Filesystem access.
repo/scripts/migrate/port_bundle.py:431
    text = target.read_text(encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #e9c3f751d7b4a2f6 Filesystem access.
repo/scripts/migrate/port_bundle.py:450
    target.write_text(new_text, encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #080ff6f59f8192ff Filesystem access.
repo/scripts/migrate/port_bundle.py:483
    text = target.read_text(encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #311db44313929687 Filesystem access.
repo/scripts/migrate/port_bundle.py:513
    target.write_text(new_text, encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #7a5934aecc3b37e9 Environment-variable access.
repo/scripts/migrate_secret_key.py:49
    config_dir = os.environ.get("LANGFLOW_CONFIG_DIR")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #3fd137efdef422b4 Filesystem access.
repo/scripts/migrate_secret_key.py:83
        return secret_file.read_text(encoding="utf-8").strip()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #36a27395ad9667f6 Filesystem access.
repo/scripts/migrate_secret_key.py:91
    secret_file.write_text(key, encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

first-party (python): src/lfx

python first-party
high pii_flow production #abbe471b3a0d4c19 User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/src/lfx/src/lfx/base/models/groq_model_discovery.py:142 · flow /tmp/closeopen-uhn6nk5u/repo/src/lfx/src/lfx/base/models/groq_model_discovery.py:140 → /tmp/closeopen-uhn6nk5u/repo/src/lfx/src/lfx/base/models/groq_model_discovery.py:142
        response = requests.get(url, headers=headers, timeout=10)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #97d9fd5641598545 User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/src/lfx/src/lfx/components/agentql/agentql_api.py:127 · flow /tmp/closeopen-uhn6nk5u/repo/src/lfx/src/lfx/components/agentql/agentql_api.py:99 → /tmp/closeopen-uhn6nk5u/repo/src/lfx/src/lfx/components/agentql/agentql_api.py:127
            response = httpx.post(endpoint, headers=headers, json=payload, timeout=self.timeout)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #14f6f046becac957 User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/src/lfx/src/lfx/components/cometapi/cometapi.py:102 · flow /tmp/closeopen-uhn6nk5u/repo/src/lfx/src/lfx/components/cometapi/cometapi.py:98 → /tmp/closeopen-uhn6nk5u/repo/src/lfx/src/lfx/components/cometapi/cometapi.py:102
            response = requests.get(url, headers=headers, timeout=10)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #6379477d0d89d1ff User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/src/lfx/src/lfx/components/datastax/astradb_cql.py:220 · flow /tmp/closeopen-uhn6nk5u/repo/src/lfx/src/lfx/components/datastax/astradb_cql.py:180 → /tmp/closeopen-uhn6nk5u/repo/src/lfx/src/lfx/components/datastax/astradb_cql.py:220
        res = requests.request("GET", url=url, headers=headers, timeout=10)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #6da890b116ec7a71 User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/src/lfx/src/lfx/components/icosacomputing/combinatorial_reasoner.py:68 · flow /tmp/closeopen-uhn6nk5u/repo/src/lfx/src/lfx/components/icosacomputing/combinatorial_reasoner.py:67 → /tmp/closeopen-uhn6nk5u/repo/src/lfx/src/lfx/components/icosacomputing/combinatorial_reasoner.py:68
        response = requests.post(
            "https://cr-api.icosacomputing.com/cr/langflow",
            json=params,
            auth=creds,
            timeout=100,
        )

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #fc430f8556c140c9 User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/src/lfx/src/lfx/components/notdiamond/notdiamond.py:150 · flow /tmp/closeopen-uhn6nk5u/repo/src/lfx/src/lfx/components/notdiamond/notdiamond.py:118 → /tmp/closeopen-uhn6nk5u/repo/src/lfx/src/lfx/components/notdiamond/notdiamond.py:150
        response = requests.post(
            "https://api.notdiamond.ai/v2/modelRouter/modelSelect",
            json=payload,
            headers=header,
            timeout=10,
        )

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow production #7791624a3bac000a User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
repo/src/lfx/src/lfx/load/utils.py:37 · flow /tmp/closeopen-uhn6nk5u/repo/src/lfx/src/lfx/load/utils.py:34 → /tmp/closeopen-uhn6nk5u/repo/src/lfx/src/lfx/load/utils.py:37
            response = httpx.post(url, files={"file": file}, headers=headers)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

medium telemetry production #3836b979bcb37b4e Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
repo/src/lfx/src/lfx/log/logger.py:27
    from opentelemetry import trace as _otel_trace  # type: ignore[import-not-found]

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

expand_more 212 low-confidence finding(s)
low env_fs production #66d525999d43f1d7 Environment-variable access.
repo/src/lfx/src/lfx/base/agents/utils.py:270
    env_value = os.getenv("LANGCHAIN_VERBOSE")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #244c9e4f3d97a4be Filesystem access.
repo/src/lfx/src/lfx/base/data/storage_utils.py:91
    return path_obj.read_bytes()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #305912509b7c5671 Filesystem access.
repo/src/lfx/src/lfx/base/data/storage_utils.py:136
    return path_obj.read_text(encoding=encoding)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #6dbe88b2ad7eef9f Filesystem access.
repo/src/lfx/src/lfx/base/data/utils.py:189
    raw_data = file_path_.read_bytes()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #b4a06e368029b012 Filesystem access.
repo/src/lfx/src/lfx/base/data/utils.py:193
            return file_path_.read_text(encoding=enc)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #7d46ac64b33517d0 Environment-variable access.
repo/src/lfx/src/lfx/base/knowledge_bases/backends/base.py:199
        env_value = os.environ.get(variable_name)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #fcd267091041d1fb Environment-variable access.
repo/src/lfx/src/lfx/base/knowledge_bases/ingestion_sources/connector_base.py:69
        env_value = os.environ.get(variable_name)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #f8793358309a3dc9 Filesystem access.
repo/src/lfx/src/lfx/base/knowledge_bases/ingestion_sources/folder.py:203
        raw = candidate.read_bytes()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #0c296a8a03b396c9 Environment-variable access.
repo/src/lfx/src/lfx/base/mcp/util.py:1684
        env_data: dict[str, str] = {"DEBUG": "true", "PATH": os.environ["PATH"], **safe_env}

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress production #f898562f8804e274 Hardcoded external endpoint. Review what data is sent to this destination.
repo/src/lfx/src/lfx/base/models/model_utils.py:569
        response = httpx.get(url, headers=headers, timeout=OPENROUTER_FETCH_TIMEOUT)

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs production #91b2db782acb60c8 Filesystem access.
repo/src/lfx/src/lfx/base/models/models_dev_catalog.py:174
        raw = path.read_text(encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #e1cf795aa5a9800a Environment-variable access.
repo/src/lfx/src/lfx/base/models/unified_models/credentials.py:67
            env_value = os.environ.get(var_name)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #e9261fac781e14f1 Environment-variable access.
repo/src/lfx/src/lfx/base/models/unified_models/credentials.py:124
    return os.getenv(variable_name)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #73a9dabe75951652 Environment-variable access.
repo/src/lfx/src/lfx/base/models/unified_models/credentials.py:138
    value = os.environ.get(var_key)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #0a561c0b54c3f6b8 Environment-variable access.
repo/src/lfx/src/lfx/base/models/unified_models/credentials.py:141
    prefixed = os.environ.get(f"LANGFLOW_{var_key}")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #8372478e1dc91f69 Environment-variable access.
repo/src/lfx/src/lfx/base/models/unified_models/credentials.py:272
                env_value = os.environ.get(var_key)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress production #ca0c34b245fdb7a6 Hardcoded external endpoint. Review what data is sent to this destination.
repo/src/lfx/src/lfx/base/models/unified_models/credentials.py:488
                response = requests.get(
                    "https://openrouter.ai/api/v1/auth/key",
                    headers={"Authorization": f"Bearer {api_key}"},
                    timeout=5,
                )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs production #41a5683cfd1d1d5d Environment-variable access.
repo/src/lfx/src/lfx/base/models/unified_models/instantiation.py:27
    return os.environ.get(key)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #415b8c1f4b9a7d02 Environment-variable access.
repo/src/lfx/src/lfx/base/models/unified_models/instantiation.py:351
        api_base_value = _to_str(os.environ.get("OPENAI_EMBEDDINGS_API_BASE")) or _to_str(

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #a37ae82752a09182 Environment-variable access.
repo/src/lfx/src/lfx/base/models/unified_models/instantiation.py:352
            os.environ.get("OPENAI_API_BASE")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #d74e2463a1e65ab1 Filesystem access.
repo/src/lfx/src/lfx/cli/_authoring_commands.py:97
            flow = json.loads(path.read_text(encoding="utf-8"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #bb54ed1e6f482a22 Filesystem access.
repo/src/lfx/src/lfx/cli/_authoring_commands.py:111
                Path(output).write_text(content, encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #aa6d63cf7bf2d5b0 Filesystem access.
repo/src/lfx/src/lfx/cli/_extension_commands.py:571
        Path(output).write_text(payload, encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #377f9835f3e402bd Environment-variable access.
repo/src/lfx/src/lfx/cli/_extension_commands.py:765
    env = _build_dev_launch_env(os.environ)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #1e3e73a5c3ea8ffa Environment-variable access.
repo/src/lfx/src/lfx/cli/_extension_reload_client.py:48
    env_target = os.environ.get("LANGFLOW_HOST")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #b2be6c7e3378292f Environment-variable access.
repo/src/lfx/src/lfx/cli/_extension_reload_client.py:58
    return os.environ.get("LANGFLOW_API_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #815b28eed41c9130 Filesystem access.
repo/src/lfx/src/lfx/cli/commands.py:154
                payload = json.loads(resolved[0].read_text(encoding="utf-8"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #b1bc85a2bd002e47 Environment-variable access.
repo/src/lfx/src/lfx/cli/commands.py:328
    os.environ["LANGFLOW_PRETTY_LOGS"] = "false"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #ad2039b272174d2b Environment-variable access.
repo/src/lfx/src/lfx/cli/commands.py:444
                os.environ[_SERVE_FLOW_DIR_ENV] = str(flow_dir) if flow_dir else ""

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #cfc996bf424710eb Environment-variable access.
repo/src/lfx/src/lfx/cli/commands.py:445
                os.environ[_SERVE_NO_ENV_FALLBACK_ENV] = "1" if no_env_fallback else "0"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #6cf9c4cd6bdb4160 Environment-variable access.
repo/src/lfx/src/lfx/cli/commands.py:456
                os.environ[_SERVE_STARTUP_PATHS_ENV] = json.dumps(startup_paths_for_workers)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #fb584516c328db71 Environment-variable access.
repo/src/lfx/src/lfx/cli/commands.py:470
                        os.environ.pop(k, None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #aec7816f1464fd21 Filesystem access.
repo/src/lfx/src/lfx/cli/commands.py:504
            raw_json = json.loads(path.read_text(encoding="utf-8"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #8c222d95261f65d9 Environment-variable access.
repo/src/lfx/src/lfx/cli/common.py:124
    api_key = os.getenv("LANGFLOW_API_KEY") or os.getenv("LFX_API_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #53e37a7a13d1ba73 Filesystem access.
repo/src/lfx/src/lfx/cli/common.py:406
        lines = script_path.read_text(encoding="utf-8").splitlines()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #b2e357a157bec6a6 Environment-variable access.
repo/src/lfx/src/lfx/cli/common.py:565
    token = os.getenv(_GITHUB_TOKEN_ENV)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #4d3521e6dc19fdd0 Filesystem access.
repo/src/lfx/src/lfx/cli/create.py:55
    return json.loads(path.read_text(encoding="utf-8"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #b2da09704983420b Filesystem access.
repo/src/lfx/src/lfx/cli/create.py:124
    dest.write_text(json.dumps(flow, indent=2), encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #f20b4375a54338d3 Filesystem access.
repo/src/lfx/src/lfx/cli/export.py:64
        source_path.write_text(content, encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #584b66cc71d83cb2 Filesystem access.
repo/src/lfx/src/lfx/cli/export.py:68
        output.write_text(content, encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #070da92e4897da8e Filesystem access.
repo/src/lfx/src/lfx/cli/export.py:133
            out_path.write_text(sdk.flow_to_json(normalized, indent=indent), encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #e3bf6514c2cb27fc Filesystem access.
repo/src/lfx/src/lfx/cli/export.py:147
            out_path.write_text(sdk.flow_to_json(normalized, indent=indent), encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #6c6d1f06861fb5a8 Filesystem access.
repo/src/lfx/src/lfx/cli/flow_store.py:110
            tmp.write_text(json.dumps(flow_json), encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #d637c058eeb88dad Filesystem access.
repo/src/lfx/src/lfx/cli/flow_store.py:121
            return json.loads(path.read_text(encoding="utf-8"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #ce25bef05983f079 Filesystem access.
repo/src/lfx/src/lfx/cli/init.py:121
    path.write_text(content, encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #a6650e86cd7b9e5a Filesystem access.
repo/src/lfx/src/lfx/cli/init.py:131
    dest.write_text(src.read_text(encoding="utf-8"), encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #32904fd69c928ec3 Filesystem access.
repo/src/lfx/src/lfx/cli/init.py:216
        existing_content = gitignore.read_text(encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #6921102e78fe932a Filesystem access.
repo/src/lfx/src/lfx/cli/init.py:218
            gitignore.write_text(existing_content.rstrip() + "\n\n" + _GITIGNORE, encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #ffed8f93d6b5cf09 Environment-variable access.
repo/src/lfx/src/lfx/cli/login.py:186
    elif os.environ.get("LANGFLOW_API_KEY") == env_cfg.api_key and env_cfg.api_key:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #7c9d0d39407bb053 Filesystem access.
repo/src/lfx/src/lfx/cli/pull.py:89
        if out_path.exists() and out_path.read_text(encoding="utf-8") == new_content:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #dbdb8931ac32436a Filesystem access.
repo/src/lfx/src/lfx/cli/pull.py:93
            out_path.write_text(new_content, encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #f60709fe6805c222 Filesystem access.
repo/src/lfx/src/lfx/cli/push.py:71
        return json.loads(path.read_text(encoding="utf-8"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #22854ab871292c47 Environment-variable access.
repo/src/lfx/src/lfx/cli/serve_app.py:805
    flow_dir_str = os.environ.get(_SERVE_FLOW_DIR_ENV)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #8a95b13f84c85b0e Environment-variable access.
repo/src/lfx/src/lfx/cli/serve_app.py:806
    no_env_fallback = os.environ.get(_SERVE_NO_ENV_FALLBACK_ENV, "0") == "1"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #a053fe5e085b07c0 Environment-variable access.
repo/src/lfx/src/lfx/cli/serve_app.py:807
    startup_paths_json = os.environ.get(_SERVE_STARTUP_PATHS_ENV, "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #e781693cdbf82a02 Filesystem access.
repo/src/lfx/src/lfx/cli/status.py:208
                raw: dict = json.loads(path.read_text(encoding="utf-8"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #bc45d205caf2b301 Filesystem access.
repo/src/lfx/src/lfx/cli/upgrade.py:71
        flow_data = json.loads(flow_path.read_text(encoding="utf-8"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #718789de5a09fe8c Filesystem access.
repo/src/lfx/src/lfx/cli/upgrade.py:99
        flow_path.write_text(json.dumps(output, indent=2, ensure_ascii=False), encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #bfd47f9c65d0bb8a Filesystem access.
repo/src/lfx/src/lfx/cli/validation/core.py:122
        raw = path.read_text(encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #99d2d45e001adad3 Environment-variable access.
repo/src/lfx/src/lfx/cli/validation/semantic.py:257
            if os.environ.get(env_key):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress production #e33658c15f567975 Hardcoded external endpoint. Review what data is sent to this destination.
repo/src/lfx/src/lfx/components/Notion/create_page.py:84
            response = requests.post("https://api.notion.com/v1/pages", headers=headers, json=data, timeout=10)

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress production #4119e44fae5feb8e Hardcoded external endpoint. Review what data is sent to this destination.
repo/src/lfx/src/lfx/components/Notion/list_users.py:61
        response = requests.get(url, headers=headers, timeout=10)

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress production #93d6a1580f74787b Hardcoded external endpoint. Review what data is sent to this destination.
repo/src/lfx/src/lfx/components/Notion/search.py:107
        response = requests.post(url, headers=headers, json=data, timeout=10)

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress production #7b7e182765a17104 Hardcoded external endpoint. Review what data is sent to this destination.
repo/src/lfx/src/lfx/components/agentql/agentql_api.py:127
            response = httpx.post(endpoint, headers=headers, json=payload, timeout=self.timeout)

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress production #404aff969992c6df Hardcoded external endpoint. Review what data is sent to this destination.
repo/src/lfx/src/lfx/components/cometapi/cometapi.py:102
            response = requests.get(url, headers=headers, timeout=10)

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs production #f84a1549c1496d66 Filesystem access.
repo/src/lfx/src/lfx/components/data_source/csv_to_data.py:64
                    csv_bytes = Path(resolved_path).read_bytes()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #d20cfe01f25ced06 Filesystem access.
repo/src/lfx/src/lfx/components/data_source/json_to_data.py:63
                    json_data = Path(resolved_path).read_text(encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress production #8fff29472e801e9f Hardcoded external endpoint. Review what data is sent to this destination.
repo/src/lfx/src/lfx/components/data_source/web_search.py:166
            response = requests.get(url, params=params, headers=headers, timeout=self.timeout)

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs production #85e9c47ec2e9b5e0 Filesystem access.
repo/src/lfx/src/lfx/components/files_and_knowledge/_filesystem_namespace.py:60
        existing = pepper_path.read_bytes()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #4169de29d965bf00 Filesystem access.
repo/src/lfx/src/lfx/components/files_and_knowledge/file.py:1135
                        content = file.path.read_bytes()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #ac3d551a81403621 Environment-variable access.
repo/src/lfx/src/lfx/components/files_and_knowledge/filesystem.py:704
        return load_isolation_config(env=os.environ, default_config_dir=_default_config_dir())

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #4c6a8fa249bf6b28 Filesystem access.
repo/src/lfx/src/lfx/components/files_and_knowledge/filesystem.py:1212
                text = resolved_file.read_text(encoding="utf-8", errors="replace")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #0305f4bcfb5bb237 Filesystem access.
repo/src/lfx/src/lfx/components/files_and_knowledge/knowledge.py:681
                existing_metadata = json.loads(metadata_path.read_text())

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #7b3bac4b86e5b483 Filesystem access.
repo/src/lfx/src/lfx/components/files_and_knowledge/knowledge.py:693
        metadata_path.write_text(json.dumps(embedding_metadata, indent=2))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #0037f8a19649860d Filesystem access.
repo/src/lfx/src/lfx/components/files_and_knowledge/knowledge.py:705
            metadata = json.loads(metadata_path.read_text())

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #6920faae64e64886 Filesystem access.
repo/src/lfx/src/lfx/components/files_and_knowledge/knowledge.py:708
            metadata_path.write_text(json.dumps(metadata, indent=2))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #c16aa152ebfb8506 Filesystem access.
repo/src/lfx/src/lfx/components/files_and_knowledge/knowledge.py:816
            metadata = json.loads(metadata_path.read_text())

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #9d5425c7305bca2b Filesystem access.
repo/src/lfx/src/lfx/components/files_and_knowledge/knowledge.py:819
            metadata_path.write_text(json.dumps(metadata, indent=2))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #dcfd8dbce3b47062 Filesystem access.
repo/src/lfx/src/lfx/components/files_and_knowledge/knowledge.py:830
            metadata = json.loads(metadata_path.read_text())

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #6bd55ff47cc9d74b Filesystem access.
repo/src/lfx/src/lfx/components/files_and_knowledge/knowledge.py:844
            metadata_path.write_text(json.dumps(metadata, indent=2))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #41085b9a7ed1f42d Filesystem access.
repo/src/lfx/src/lfx/components/files_and_knowledge/knowledge.py:886
            metadata = json.loads(metadata_path.read_text())

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #460f9c6e5a82f750 Filesystem access.
repo/src/lfx/src/lfx/components/files_and_knowledge/knowledge.py:934
                cfg_path.write_text(json.dumps(config_list, indent=2))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #ec4d3abefd877e26 Filesystem access.
repo/src/lfx/src/lfx/components/files_and_knowledge/knowledge.py:1183
                stored_metadata = json.loads(metadata_path.read_text())

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #4aaef9b0f194ce83 Filesystem access.
repo/src/lfx/src/lfx/components/files_and_knowledge/knowledge.py:1475
            metadata = json.loads(metadata_path.read_text())

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #c913f78104d03231 Filesystem access.
repo/src/lfx/src/lfx/components/files_and_knowledge/save_file.py:458
                    existing_content = path.read_text(encoding="utf-8").strip()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #8feffae6e9ec08b7 Filesystem access.
repo/src/lfx/src/lfx/components/files_and_knowledge/save_file.py:475
                path.write_text(json.dumps(existing_data, indent=2), encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #4149467651c8c2b0 Filesystem access.
repo/src/lfx/src/lfx/components/files_and_knowledge/save_file.py:481
                path.write_text(path.read_text(encoding="utf-8") + "\n\n" + content, encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #52d3f94cbe4ea489 Filesystem access.
repo/src/lfx/src/lfx/components/files_and_knowledge/save_file.py:483
                path.write_text(content, encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #3edf83612d77a365 Filesystem access.
repo/src/lfx/src/lfx/components/files_and_knowledge/save_file.py:510
                    existing_content = path.read_text(encoding="utf-8").strip()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #89aca54874265c05 Filesystem access.
repo/src/lfx/src/lfx/components/files_and_knowledge/save_file.py:529
                path.write_text(json.dumps(existing_data, indent=2), encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #95bbb57e146b3c1f Filesystem access.
repo/src/lfx/src/lfx/components/files_and_knowledge/save_file.py:532
                path.write_text(content, encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #bc722717cf7aba1a Filesystem access.
repo/src/lfx/src/lfx/components/files_and_knowledge/save_file.py:536
                path.write_text(path.read_text(encoding="utf-8") + "\n\n" + content, encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #87fa28b66c15a632 Filesystem access.
repo/src/lfx/src/lfx/components/files_and_knowledge/save_file.py:538
                path.write_text(content, encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #4c4e92b7af9ee16c Filesystem access.
repo/src/lfx/src/lfx/components/files_and_knowledge/save_file.py:564
                path.write_text(path.read_text(encoding="utf-8") + "\n" + content, encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #6b0a7dbbc25515c2 Filesystem access.
repo/src/lfx/src/lfx/components/files_and_knowledge/save_file.py:566
                path.write_text(content, encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #69bd13feaefc2e71 Filesystem access.
repo/src/lfx/src/lfx/components/files_and_knowledge/save_file.py:573
                    existing_content = path.read_text(encoding="utf-8").strip()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #9c0b0af92df54ab4 Filesystem access.
repo/src/lfx/src/lfx/components/files_and_knowledge/save_file.py:589
                path.write_text(json.dumps(existing_data, indent=2), encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #b0554bff2a0ceac4 Filesystem access.
repo/src/lfx/src/lfx/components/files_and_knowledge/save_file.py:591
                path.write_text(json.dumps(new_message, indent=2), encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #0ee7c503f47f4c61 Filesystem access.
repo/src/lfx/src/lfx/components/files_and_knowledge/save_file.py:595
                path.write_text(path.read_text(encoding="utf-8") + "\n\n" + md_content, encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #50a8f047ff948c3c Filesystem access.
repo/src/lfx/src/lfx/components/files_and_knowledge/save_file.py:597
                path.write_text(md_content, encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #a9b38bb4c52174e0 Environment-variable access.
repo/src/lfx/src/lfx/components/files_and_knowledge/save_file.py:676
            aws_access_key_id = os.getenv("AWS_ACCESS_KEY_ID")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #10b096f5b25caaa2 Environment-variable access.
repo/src/lfx/src/lfx/components/files_and_knowledge/save_file.py:682
            aws_secret_access_key = os.getenv("AWS_SECRET_ACCESS_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #9c49859c528a7320 Environment-variable access.
repo/src/lfx/src/lfx/components/files_and_knowledge/save_file.py:723
            aws_region = os.getenv("AWS_DEFAULT_REGION") or os.getenv("AWS_REGION")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #bd51660de4139c90 Filesystem access.
repo/src/lfx/src/lfx/components/files_ingestion/file_content_retriever.py:125
                index = json.loads(text_index_file.read_text(encoding="utf-8"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #6be66b6f5ec574d1 Filesystem access.
repo/src/lfx/src/lfx/components/files_ingestion/file_content_retriever.py:130
                            text_map[fp] = txt_path.read_text(encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #684ac0794e9676b9 Filesystem access.
repo/src/lfx/src/lfx/components/files_ingestion/file_content_retriever.py:142
                index = json.loads(df_index_file.read_text(encoding="utf-8"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #a619e29ca2845843 Filesystem access.
repo/src/lfx/src/lfx/components/files_ingestion/file_content_retriever.py:171
            txt_path.write_text(text, encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #7bd41d8a83efb9c2 Filesystem access.
repo/src/lfx/src/lfx/components/google/google_oauth_token.py:85
                token_path.write_text(creds.to_json(), encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress production #3ca0afb18a519931 Hardcoded external endpoint. Review what data is sent to this destination.
repo/src/lfx/src/lfx/components/icosacomputing/combinatorial_reasoner.py:68
        response = requests.post(
            "https://cr-api.icosacomputing.com/cr/langflow",
            json=params,
            auth=creds,
            timeout=100,
        )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs production #e718c2599623a200 Environment-variable access.
repo/src/lfx/src/lfx/components/langwatch/langwatch.py:98
                self.evaluators = self.get_evaluators(os.getenv("LANGWATCH_ENDPOINT", "https://app.langwatch.ai"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #b0825fef7b40104e Environment-variable access.
repo/src/lfx/src/lfx/components/langwatch/langwatch.py:218
        self.set_evaluators(os.getenv("LANGWATCH_ENDPOINT", "https://app.langwatch.ai"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #7663e1eab943b937 Environment-variable access.
repo/src/lfx/src/lfx/components/langwatch/langwatch.py:243
            url = f"{os.getenv('LANGWATCH_ENDPOINT', 'https://app.langwatch.ai')}{endpoint}"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #889feb7005373a40 Environment-variable access.
repo/src/lfx/src/lfx/components/mem0/mem0_chat_memory.py:13
os.environ.setdefault("MEM0_TELEMETRY", "False")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #a8e113ba55451870 Filesystem access.
repo/src/lfx/src/lfx/components/models_and_agents/policies/guard_sync_utils.py:81
            code_value = file_path.read_text(encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #f380ce016342fcd0 Environment-variable access.
repo/src/lfx/src/lfx/components/models_and_agents/policies_component.py:35
TOOLGUARD_WORK_DIR = Path(os.getenv("TOOLGUARD_WORK_DIR") or "tmp_toolguard")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress production #e942a9ee135583ca Hardcoded external endpoint. Review what data is sent to this destination.
repo/src/lfx/src/lfx/components/notdiamond/notdiamond.py:150
        response = requests.post(
            "https://api.notdiamond.ai/v2/modelRouter/modelSelect",
            json=payload,
            headers=header,
            timeout=10,
        )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress production #97549456f32a5b18 Hardcoded external endpoint. Review what data is sent to this destination.
repo/src/lfx/src/lfx/components/novita/novita.py:88
            response = requests.get(url, headers=headers, timeout=10)

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress production #a6a381beed947f14 Hardcoded external endpoint. Review what data is sent to this destination.
repo/src/lfx/src/lfx/components/openrouter/openrouter.py:47
            response = httpx.get("https://openrouter.ai/api/v1/models", timeout=10.0)

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs production #ee0208800ea79524 Filesystem access.
repo/src/lfx/src/lfx/components/redis/redis.py:53
        Path("docuemnts.txt").write_text(str(documents), encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress production #7eadc0c42f25f438 Hardcoded external endpoint. Review what data is sent to this destination.
repo/src/lfx/src/lfx/components/wikipedia/wikidata.py:46
            response = httpx.get(wikidata_api_url, params=params)

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs production #38f5fbd4fcee2e01 Filesystem access.
repo/src/lfx/src/lfx/config/environments.py:176
        return _parse_yaml(path.read_text(encoding="utf-8"), path)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #49d1a119abda99ba Filesystem access.
repo/src/lfx/src/lfx/config/environments.py:181
        return _parse_yaml(path.read_text(encoding="utf-8"), path)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #3299aef2a822a41c Environment-variable access.
repo/src/lfx/src/lfx/config/environments.py:198
        api_key = os.environ.get(var_name)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #8928f979366b4899 Environment-variable access.
repo/src/lfx/src/lfx/config/environments.py:297
        lf_url = os.environ.get("LANGFLOW_URL") or os.environ.get("LFX_URL")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #2154e1c85335f2d3 Environment-variable access.
repo/src/lfx/src/lfx/config/environments.py:299
            lf_key = api_key or os.environ.get("LANGFLOW_API_KEY") or os.environ.get("LFX_API_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #75663a78601ce96f Filesystem access.
repo/src/lfx/src/lfx/custom/code_parser/code_parser.py:35
    source_code = Path(source_file).read_text(encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #8e0d202e5e3c3b43 Filesystem access.
repo/src/lfx/src/lfx/custom/custom_component/component.py:508
                    class_code = Path(inspect.getfile(self.__class__)).read_text(encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #a3fcdd303c1b7f2b Filesystem access.
repo/src/lfx/src/lfx/extension/bundle_registry.py:301
            tmp.write_text(json.dumps(payload, indent=2, sort_keys=True), encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #f80edca386570db3 Environment-variable access.
repo/src/lfx/src/lfx/extension/dev_registry.py:86
    override = os.environ.get("LANGFLOW_DEV_EXTENSIONS_DIR")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #3646f42893640621 Environment-variable access.
repo/src/lfx/src/lfx/extension/dev_registry.py:90
    config_dir = os.environ.get("LANGFLOW_CONFIG_DIR")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #a41c83979bc0f2b2 Filesystem access.
repo/src/lfx/src/lfx/extension/dev_registry.py:154
        raw = state_path.read_text(encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #0f2456df5e548eb5 Environment-variable access.
repo/src/lfx/src/lfx/extension/discovery.py:656
        seed_dir_env = os.environ.get(SEED_DIR_ENV_VAR)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #9a57bf7c6cc5776f Filesystem access.
repo/src/lfx/src/lfx/extension/init_template.py:509
        path.write_text(content, encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #8833536f4d7bea5e Filesystem access.
repo/src/lfx/src/lfx/extension/loader/_orchestrator.py:68
        return hashlib.sha256(path.read_bytes()).hexdigest()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #e2fdf8d485893a94 Filesystem access.
repo/src/lfx/src/lfx/extension/loader/_orchestrator.py:491
        data = json.loads(candidate.read_text(encoding="utf-8"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #9083d6dc6297f210 Filesystem access.
repo/src/lfx/src/lfx/extension/loader/_plugins.py:174
        raw = dist.read_text("direct_url.json")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #77dad24164359063 Filesystem access.
repo/src/lfx/src/lfx/extension/manifest.py:391
    raw = path.read_text(encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #59be32d2419f428f Filesystem access.
repo/src/lfx/src/lfx/extension/manifest.py:409
    raw = path.read_bytes()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #c9ea9267cea1ae00 Filesystem access.
repo/src/lfx/src/lfx/extension/migration/loader.py:55
        raw = path.read_text(encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #7aa7d5cc4df2bdb2 Filesystem access.
repo/src/lfx/src/lfx/extension/validate.py:527
        source = py_path.read_text(encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #586a8d91acda50ad Environment-variable access.
repo/src/lfx/src/lfx/extension/validate.py:698
    env = {key: value for key, value in os.environ.items() if key in _SUBPROCESS_ENV_ALLOWLIST}

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #d86515eaf671d19f Environment-variable access.
repo/src/lfx/src/lfx/interface/components.py:103
    lfx_dev = os.getenv("LFX_DEV", "").strip()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #a917b5781abd4275 Filesystem access.
repo/src/lfx/src/lfx/interface/components.py:159
                    blob = orjson.loads(index_path.read_bytes())

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #0fc6213c07a1949f Filesystem access.
repo/src/lfx/src/lfx/interface/components.py:172
                blob = orjson.loads(index_path.read_bytes())

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #f322efb5a427ea24 Environment-variable access.
repo/src/lfx/src/lfx/interface/initialize/loading.py:138
                key = os.getenv(variable_name)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #a94908521a9d8019 Environment-variable access.
repo/src/lfx/src/lfx/interface/initialize/loading.py:222
                            key = os.getenv(variable_name)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #f9da3f73e2078245 Environment-variable access.
repo/src/lfx/src/lfx/interface/initialize/loading.py:243
                    key = os.getenv(variable_name)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #f35e9ed8f24b78bb Environment-variable access.
repo/src/lfx/src/lfx/interface/initialize/loading.py:315
                    key = os.getenv(params[field])

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #eaf64756e63366bd Environment-variable access.
repo/src/lfx/src/lfx/interface/utils.py:101
    if cache_type := os.getenv("LANGFLOW_LANGCHAIN_CACHE"):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #9df59108ce255649 Environment-variable access.
repo/src/lfx/src/lfx/load/utils.py:34
        resolved_api_key = api_key if api_key is not None else os.environ.get("LANGFLOW_API_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #5dc12b3e65cacf30 Environment-variable access.
repo/src/lfx/src/lfx/log/logger.py:152
            env_buffer_size = os.getenv("LANGFLOW_LOG_RETRIEVER_BUFFER_SIZE", "0")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #b265c9d64bd44e51 Environment-variable access.
repo/src/lfx/src/lfx/log/logger.py:193
    service = os.getenv("LANGFLOW_SERVICE_NAME", "langflow")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #365f7df9e5884de0 Environment-variable access.
repo/src/lfx/src/lfx/log/logger.py:194
    version = os.getenv("LANGFLOW_VERSION", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #109651f78c977b36 Environment-variable access.
repo/src/lfx/src/lfx/log/logger.py:195
    environment = os.getenv("LANGFLOW_ENVIRONMENT", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #f99b2143e837f97a Environment-variable access.
repo/src/lfx/src/lfx/log/logger.py:320
    raw = os.getenv("LANGFLOW_LOG_LEVELS", "").strip()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #6e48fd1da7b0ce45 Environment-variable access.
repo/src/lfx/src/lfx/log/logger.py:448
    if log_level is None and os.getenv("LANGFLOW_LOG_LEVEL", "").upper() in VALID_LOG_LEVELS:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #6205b76363481aef Environment-variable access.
repo/src/lfx/src/lfx/log/logger.py:449
        log_level = os.getenv("LANGFLOW_LOG_LEVEL")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #a3fb9ccaf8923313 Environment-variable access.
repo/src/lfx/src/lfx/log/logger.py:454
        env_log_file = os.getenv("LANGFLOW_LOG_FILE", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #8064d7a4d5572362 Environment-variable access.
repo/src/lfx/src/lfx/log/logger.py:458
        log_env = os.getenv("LANGFLOW_LOG_ENV", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #b10003a86aebfffb Environment-variable access.
repo/src/lfx/src/lfx/log/logger.py:462
        log_format = os.getenv("LANGFLOW_LOG_FORMAT")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #41b79d0394bb722b Environment-variable access.
repo/src/lfx/src/lfx/log/logger.py:495
        k.strip().lower() for k in os.getenv("LANGFLOW_LOG_REDACT_KEYS", "").split(",") if k.strip()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #753936c8f0468140 Environment-variable access.
repo/src/lfx/src/lfx/log/logger.py:537
    show_locals = os.getenv("LANGFLOW_LOG_TRACE_LOCALS", "false").lower() == "true"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #fdb7feb3208a907c Environment-variable access.
repo/src/lfx/src/lfx/log/logger.py:593
        log_stdout_pretty = os.getenv("LANGFLOW_PRETTY_LOGS", "true").lower() == "true"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #8f7c6d3059a3d25f Environment-variable access.
repo/src/lfx/src/lfx/log/logger.py:671
        not log_env and os.getenv("LANGFLOW_PRETTY_LOGS", "true").lower() != "true"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #e00ef55a670c1e56 Environment-variable access.
repo/src/lfx/src/lfx/mcp/client.py:39
        self.server_url = (server_url or os.environ.get("LANGFLOW_SERVER_URL", "http://localhost:7860")).rstrip("/")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #1499fca6c53da512 Environment-variable access.
repo/src/lfx/src/lfx/mcp/client.py:40
        self.api_key = api_key or os.environ.get("LANGFLOW_API_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #b7889cd3abf77c4b Filesystem access.
repo/src/lfx/src/lfx/run/base.py:125
                raw = json.loads(script_path.read_text(encoding="utf-8"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #f4941d973bb9eab6 Environment-variable access.
repo/src/lfx/src/lfx/services/mcp_composer/service.py:185
                netstat_cmd = os.path.join(os.environ.get("SYSTEMROOT", "C:\\Windows"), "System32", "netstat.exe")  # noqa: PTH118

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #0cc2a439f1a0c7c5 Environment-variable access.
repo/src/lfx/src/lfx/services/mcp_composer/service.py:215
                                os.environ.get("SYSTEMROOT", "C:\\Windows"), "System32", "taskkill.exe"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #42677df020abfd91 Environment-variable access.
repo/src/lfx/src/lfx/services/mcp_composer/service.py:311
            netstat_cmd = os.path.join(os.environ.get("SYSTEMROOT", "C:\\Windows"), "System32", "netstat.exe")  # noqa: PTH118

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #dea866c536e945e1 Environment-variable access.
repo/src/lfx/src/lfx/services/mcp_composer/service.py:350
                                os.environ.get("SYSTEMROOT", "C:\\Windows"), "System32", "taskkill.exe"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #4148fbd00e317c19 Environment-variable access.
repo/src/lfx/src/lfx/services/mcp_composer/service.py:416
                                    os.environ.get("SYSTEMROOT", "C:\\Windows"), "System32", "taskkill.exe"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #129a5e4ee13b1f77 Filesystem access.
repo/src/lfx/src/lfx/services/mcp_composer/service.py:596
                        return Path(filepath).read_bytes()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #e3545228d25f7d83 Filesystem access.
repo/src/lfx/src/lfx/services/mcp_composer/service.py:606
                        return Path(filepath).read_bytes()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #4756bbed838809b5 Environment-variable access.
repo/src/lfx/src/lfx/services/mcp_composer/service.py:1397
        env = os.environ.copy()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #6c1fe5dc38a3b787 Filesystem access.
repo/src/lfx/src/lfx/services/settings/auth.py:258
                public_key_pem = public_key_path.read_text(encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #1ed4e154998a18f1 Environment-variable access.
repo/src/lfx/src/lfx/services/settings/groups/components.py:74
        env_value = os.getenv("LANGFLOW_COMPONENTS_PATH")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #99d67d80281d5813 Environment-variable access.
repo/src/lfx/src/lfx/services/settings/groups/components.py:120
        env_components_path = os.getenv("LANGFLOW_COMPONENTS_PATH")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #5b2f2c587195b0c6 Environment-variable access.
repo/src/lfx/src/lfx/services/settings/groups/components.py:144
        env_components_index_path = os.getenv("LANGFLOW_COMPONENTS_INDEX_PATH")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #cb1eeb45d27b4111 Environment-variable access.
repo/src/lfx/src/lfx/services/settings/groups/database.py:96
        if langflow_database_url := os.getenv("LANGFLOW_DATABASE_URL"):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #9bfb87fd677bc6ad Environment-variable access.
repo/src/lfx/src/lfx/services/settings/groups/server.py:109
        os.environ["USER_AGENT"] = value

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #579951276bd21ffd Environment-variable access.
repo/src/lfx/src/lfx/services/settings/groups/variables.py:43
        if os.getenv("LANGFLOW_AGENTIC_EXPERIENCE", "true").lower() == "true":

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #8e321e44f065418b Filesystem access.
repo/src/lfx/src/lfx/services/settings/utils.py:97
    path.write_text(value, encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #4eeb20439ccf1ce3 Filesystem access.
repo/src/lfx/src/lfx/services/settings/utils.py:105
    return path.read_text(encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #d189c29a863c2496 Filesystem access.
repo/src/lfx/src/lfx/services/settings/utils.py:117
    path.write_text(value, encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #18eabb8769757e2f Environment-variable access.
repo/src/lfx/src/lfx/services/telemetry/service.py:46
        self.base_url = base_url or os.environ.get("LANGFLOW_TELEMETRY_BASE_URL", _DEFAULT_BASE_URL)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #6609d3a064ed4e36 Environment-variable access.
repo/src/lfx/src/lfx/services/telemetry/service.py:49
            do_not_track = os.environ.get("DO_NOT_TRACK", "false").lower() in {"1", "true"}

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #b8d90b5fb45fff26 Environment-variable access.
repo/src/lfx/src/lfx/services/variable/service.py:49
        raw = os.getenv("LANGFLOW_REQUEST_VARIABLES")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #6615990c780005dd Environment-variable access.
repo/src/lfx/src/lfx/services/variable/service.py:97
            value = os.getenv(name)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #7c2c16c91a14da50 Environment-variable access.
repo/src/lfx/src/lfx/services/variable/service.py:102
            value = os.getenv(global_alias)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #a4494743c42354f4 Environment-variable access.
repo/src/lfx/src/lfx/settings.py:6
DEV = os.getenv("LANGFLOW_DEV", "false").lower() == "true"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #e610f3eb712f22a2 Environment-variable access.
repo/src/lfx/src/lfx/testing/plugin.py:120
    url: str | None = request.config.getoption("langflow_url", default=None) or os.environ.get("LANGFLOW_URL")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #580a7420ba15cbd5 Environment-variable access.
repo/src/lfx/src/lfx/testing/plugin.py:121
    env_name: str | None = request.config.getoption("langflow_env", default=None) or os.environ.get("LANGFLOW_ENV")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #2ab5c18a4cff9f5b Environment-variable access.
repo/src/lfx/src/lfx/testing/plugin.py:132
        api_key: str | None = request.config.getoption("langflow_api_key", default=None) or os.environ.get(

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #11e461ee7ff8293f Environment-variable access.
repo/src/lfx/src/lfx/testing/plugin.py:132
        api_key: str | None = request.config.getoption("langflow_api_key", default=None) or os.environ.get(
            "LANGFLOW_API_KEY"
        )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #d04aa6f8fcd01dc9 Environment-variable access.
repo/src/lfx/src/lfx/testing/plugin.py:138
    env_file: str | None = request.config.getoption("langflow_environments_file", default=None) or os.environ.get(

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #41b1d8220060ce2d Environment-variable access.
repo/src/lfx/src/lfx/testing/plugin.py:138
    env_file: str | None = request.config.getoption("langflow_environments_file", default=None) or os.environ.get(
        "LANGFLOW_ENVIRONMENTS_FILE"
    )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #3e082869d5f15ba2 Environment-variable access.
repo/src/lfx/src/lfx/testing/plugin.py:153
    url: str | None = request.config.getoption("langflow_url", default=None) or os.environ.get("LANGFLOW_URL")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #01462bfe9f7bd933 Environment-variable access.
repo/src/lfx/src/lfx/testing/plugin.py:154
    env_name: str | None = request.config.getoption("langflow_env", default=None) or os.environ.get("LANGFLOW_ENV")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #89f78fdcbe613118 Environment-variable access.
repo/src/lfx/src/lfx/testing/plugin.py:165
        api_key: str | None = request.config.getoption("langflow_api_key", default=None) or os.environ.get(

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #b8995e8a68ad1930 Environment-variable access.
repo/src/lfx/src/lfx/testing/plugin.py:165
        api_key: str | None = request.config.getoption("langflow_api_key", default=None) or os.environ.get(
            "LANGFLOW_API_KEY"
        )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #fda76b7ddfffe81e Environment-variable access.
repo/src/lfx/src/lfx/testing/plugin.py:170
    env_file: str | None = request.config.getoption("langflow_environments_file", default=None) or os.environ.get(

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #91b88690f6e88ab5 Environment-variable access.
repo/src/lfx/src/lfx/testing/plugin.py:170
    env_file: str | None = request.config.getoption("langflow_environments_file", default=None) or os.environ.get(
        "LANGFLOW_ENVIRONMENTS_FILE"
    )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #413d12905b6e4a19 Environment-variable access.
repo/src/lfx/src/lfx/testing/plugin.py:197
        or os.environ.get("LFX_ENV_FILE")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #f9c0b25945adfb8c Environment-variable access.
repo/src/lfx/src/lfx/testing/plugin.py:203
        raw_t = request.config.getoption("lfx_timeout", default=None) or os.environ.get("LFX_TIMEOUT")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #f2b1e27b5c4239f9 Environment-variable access.
repo/src/lfx/src/lfx/testing/plugin.py:209
    dir_str: str | None = request.config.getoption("lfx_flow_dir", default=None) or os.environ.get("LFX_FLOW_DIR")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #0b17fdbfa36dff8b Filesystem access.
repo/src/lfx/src/lfx/testing/runners.py:76
            raw_dict = json.loads(flow_path.read_text(encoding="utf-8"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #3578665a5aaa6406 Filesystem access.
repo/src/lfx/src/lfx/utils/flow_requirements.py:593
    flow = json.loads(path.read_text(encoding="utf-8"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #7d1c33ec665b90ee Environment-variable access.
repo/src/lfx/src/lfx/utils/ssrf_protection.py:84
    env_value = os.getenv("LANGFLOW_SSRF_PROTECTION_ENABLED")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #84894da308012412 Environment-variable access.
repo/src/lfx/src/lfx/utils/ssrf_protection.py:103
    env_value = os.getenv("LANGFLOW_SSRF_ALLOWED_HOSTS", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #4c7deab0757d4f9f Environment-variable access.
repo/src/lfx/src/lfx/utils/util.py:44
    if os.getenv("container") == "podman":  # noqa: SIM112

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #dd824c8a3f87b721 Environment-variable access.
repo/src/lfx/src/lfx/utils/validate_cloud.py:20
    disable_component = os.getenv("ASTRA_CLOUD_DISABLE_COMPONENT", "false")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

first-party (python): src/backend/base

python first-party
medium telemetry production #2681cc8ec8e1945d Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
repo/src/backend/base/langflow/main.py:25
from opentelemetry.instrumentation.fastapi import FastAPIInstrumentor

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry production #870aa29f328a5ec2 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
repo/src/backend/base/langflow/main.py:194
                    import sentry_sdk

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry production #a11426e894372bad Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
repo/src/backend/base/langflow/main.py:203
                        sentry_sdk.init(
                            dsn=sentry_settings.sentry_dsn,
                            traces_sample_rate=sentry_settings.sentry_traces_sample_rate,
                            profiles_sample_rate=sentry_settings.sentry_profiles_sample_rate,
                        )

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry production #64aac580556c0ebd Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
repo/src/backend/base/langflow/main.py:901
            from sentry_sdk.integrations.asgi import SentryAsgiMiddleware

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry production #91ddfa8ba8a39985 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
repo/src/backend/base/langflow/services/telemetry/opentelemetry.py:7
from opentelemetry import metrics

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry production #444cc0bd1d610bc4 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
repo/src/backend/base/langflow/services/telemetry/opentelemetry.py:8
from opentelemetry.exporter.prometheus import PrometheusMetricReader

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry production #d02d754415ea5098 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
repo/src/backend/base/langflow/services/telemetry/opentelemetry.py:9
from opentelemetry.metrics import CallbackOptions, Observation

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry production #8966adeb29875b47 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
repo/src/backend/base/langflow/services/telemetry/opentelemetry.py:10
from opentelemetry.metrics._internal.instrument import Counter, Histogram, UpDownCounter

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry production #5f7d5e368b38815a Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
repo/src/backend/base/langflow/services/telemetry/opentelemetry.py:11
from opentelemetry.sdk.metrics import MeterProvider

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry production #a3c27083f5d69436 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
repo/src/backend/base/langflow/services/telemetry/opentelemetry.py:12
from opentelemetry.sdk.resources import Resource

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry production #7c87610406d6643a Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
repo/src/backend/base/langflow/services/tracing/arize_phoenix.py:18
from opentelemetry.sdk.trace.export import SpanProcessor

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry production #7ed97dc6602be442 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
repo/src/backend/base/langflow/services/tracing/arize_phoenix.py:19
from opentelemetry.semconv.trace import SpanAttributes as OTELSpanAttributes

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry production #e5239707346dfeb5 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
repo/src/backend/base/langflow/services/tracing/arize_phoenix.py:20
from opentelemetry.trace import Span, Status, StatusCode, use_span

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry production #392114837a97399a Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
repo/src/backend/base/langflow/services/tracing/arize_phoenix.py:21
from opentelemetry.trace.propagation.tracecontext import TraceContextTextMapPropagator

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry production #f9a58cebaa1b2600 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
repo/src/backend/base/langflow/services/tracing/arize_phoenix.py:33
    from opentelemetry.propagators.textmap import CarrierT

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry production #6a8d7c4bcb89bf12 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
repo/src/backend/base/langflow/services/tracing/arize_phoenix.py:34
    from opentelemetry.util.types import AttributeValue

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry production #ba3542505b011643 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
repo/src/backend/base/langflow/services/tracing/http_instrumentation.py:14
    from opentelemetry.sdk.trace import TracerProvider

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry production #d5c3dd2f1e5246f7 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
repo/src/backend/base/langflow/services/tracing/http_instrumentation.py:68
            from opentelemetry.instrumentation.requests import RequestsInstrumentor

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry production #880a5908c45ac393 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
repo/src/backend/base/langflow/services/tracing/http_instrumentation.py:77
            from opentelemetry.instrumentation.urllib3 import URLLib3Instrumentor

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry production #ad162150c583d783 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
repo/src/backend/base/langflow/services/tracing/http_instrumentation.py:89
                from opentelemetry.instrumentation.requests import RequestsInstrumentor

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry production #4c364547fec4cdb5 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
repo/src/backend/base/langflow/services/tracing/http_instrumentation.py:101
                from opentelemetry.instrumentation.urllib3 import URLLib3Instrumentor

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry production #7bcbb8e75486d688 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
repo/src/backend/base/langflow/services/tracing/langfuse.py:60
    from opentelemetry.sdk.trace import TracerProvider

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry production #385b0429cc4901d1 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
repo/src/backend/base/langflow/services/tracing/langfuse.py:181
    from opentelemetry import trace as otel_trace_api

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry production #466359902c6977c7 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
repo/src/backend/base/langflow/services/tracing/langfuse.py:225
    from opentelemetry import trace as otel_trace_api

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry production #c89d67dc585229d2 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
repo/src/backend/base/langflow/services/tracing/langwatch.py:9
from opentelemetry.sdk.resources import Resource

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry production #67aa09082a95bace Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
repo/src/backend/base/langflow/services/tracing/langwatch.py:10
from opentelemetry.sdk.trace import TracerProvider

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry production #8181a9318eb0989a Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
repo/src/backend/base/langflow/services/tracing/langwatch.py:11
from opentelemetry.sdk.trace.export import BatchSpanProcessor

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry production #75f389a13e5a1363 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
repo/src/backend/base/langflow/services/tracing/langwatch.py:73
            from opentelemetry.exporter.otlp.proto.http.trace_exporter import OTLPSpanExporter

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry production #46a5683f0bf98151 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
repo/src/backend/base/langflow/services/tracing/otel_fastapi_patch.py:69
        from opentelemetry.instrumentation import fastapi as otel_fastapi

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry production #6d41117e66d15b21 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
repo/src/backend/base/langflow/services/tracing/traceloop.py:12
from opentelemetry import trace

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry production #cd30470ae4a91d47 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
repo/src/backend/base/langflow/services/tracing/traceloop.py:13
from opentelemetry.trace import Span, use_span

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry production #6b96ffa9ee3c8406 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
repo/src/backend/base/langflow/services/tracing/traceloop.py:14
from opentelemetry.trace.propagation.tracecontext import TraceContextTextMapPropagator

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry production #c541b464f44329b6 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
repo/src/backend/base/langflow/services/tracing/traceloop.py:26
    from opentelemetry.propagators.textmap import CarrierT

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry production #d21805a690ae107d Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
repo/src/backend/base/langflow/services/tracing/traceloop.py:27
    from opentelemetry.trace import Span

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

expand_more 101 low-confidence finding(s)
low env_fs production #af9a5bd9c467b275 Environment-variable access.
repo/src/backend/base/langflow/__main__.py:18
    if _platform.system() == "Darwin" and not _os.environ.get("OBJC_DISABLE_INITIALIZE_FORK_SAFETY"):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #e42f63feea73a71d Environment-variable access.
repo/src/backend/base/langflow/__main__.py:19
        _os.environ["OBJC_DISABLE_INITIALIZE_FORK_SAFETY"] = "YES"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #8b16b09cf1a88bde Environment-variable access.
repo/src/backend/base/langflow/__main__.py:295
        os.environ["OBJC_DISABLE_INITIALIZE_FORK_SAFETY"] = "YES"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #a9d1b21f2117bae4 Environment-variable access.
repo/src/backend/base/langflow/__main__.py:419
    log_level = (log_level or os.environ.get("LANGFLOW_LOG_LEVEL") or "info").lower()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #b52b95518094db81 Environment-variable access.
repo/src/backend/base/langflow/__main__.py:420
    os.environ["LANGFLOW_LOG_LEVEL"] = log_level

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #52c8567f7e3bde36 Environment-variable access.
repo/src/backend/base/langflow/__main__.py:436
        for key, value in os.environ.items():

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #6c2dcd7e8c36609e Environment-variable access.
repo/src/backend/base/langflow/__main__.py:519
        if os.environ.get("LANGFLOW_GUNICORN_PRELOAD", "false").lower() == "true":

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #843d99c2c699d21c Environment-variable access.
repo/src/backend/base/langflow/__main__.py:542
        db_url = os.environ.get(LANGFLOW_DATABASE_URL, "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #a8add90a8c59f335 Environment-variable access.
repo/src/backend/base/langflow/__main__.py:582
                "preload_app": os.environ.get("LANGFLOW_GUNICORN_PRELOAD", "false").lower() == "true",

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #ed2193326da69e89 Environment-variable access.
repo/src/backend/base/langflow/__main__.py:809
        if os.getenv("DO_NOT_TRACK", os.getenv("LANGFLOW_DO_NOT_TRACK", "False")).lower() != "true"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #e051a32bda2eef1a Environment-variable access.
repo/src/backend/base/langflow/agentic/helpers/assistant_workspace.py:63
    raw = os.environ.get(BASE_DIR_ENV, "").strip()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #9e213f0fab7f34db Environment-variable access.
repo/src/backend/base/langflow/agentic/services/assistant_service.py:97
    return os.getenv(FLOW_VERIFICATION_ENABLED_ENV, "1").strip().lower() not in {"0", "false", "no", "off"}

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #d25bc385d0e2d7d8 Filesystem access.
repo/src/backend/base/langflow/agentic/services/flow_preparation.py:241
        return json.loads(flow_path.read_text(encoding="utf-8"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #18d2373a2ed531b6 Filesystem access.
repo/src/backend/base/langflow/agentic/services/flow_preparation.py:245
        parsed = json.loads(flow_path.read_text(encoding="utf-8"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #2de9266723863a53 Environment-variable access.
repo/src/backend/base/langflow/agentic/services/provider_service.py:52
        is_enabled = all(key in all_variable_names or os.getenv(key) for key in required_keys)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #f947c6dd2835ad18 Environment-variable access.
repo/src/backend/base/langflow/agentic/services/provider_service.py:77
        api_key = os.getenv(key_name)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #079a3030a5d8c7df Filesystem access.
repo/src/backend/base/langflow/agentic/services/user_components_overlay.py:170
        code = py_file.read_text(encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #7c857b4472aff748 Filesystem access.
repo/src/backend/base/langflow/agentic/utils/template_search.py:167
            template_data = orjson.loads(Path(template_file).read_text(encoding="utf-8"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #c5415185156de47f Environment-variable access.
repo/src/backend/base/langflow/alembic/env.py:108
            namespace = os.getenv("LANGFLOW_MIGRATION_LOCK_NAMESPACE")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #d73bab2584df78fe Filesystem access.
repo/src/backend/base/langflow/alembic/migration_validator.py:60
        content = filepath.read_text()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #3b9b3b032b55fc65 Filesystem access.
repo/src/backend/base/langflow/api/utils/kb_helpers.py:325
                metadata = json.loads(metadata_file.read_text())

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #97a6dd11e7539b7f Filesystem access.
repo/src/backend/base/langflow/api/utils/kb_helpers.py:359
                metadata_file.write_text(json.dumps(metadata, indent=2))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #49bdc3aa3c9be504 Filesystem access.
repo/src/backend/base/langflow/api/utils/kb_helpers.py:370
                metadata_file.write_text(json.dumps(metadata, indent=2))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #864331682bc6546a Filesystem access.
repo/src/backend/base/langflow/api/utils/kb_helpers.py:841
            metadata_path.write_text(json.dumps(metadata, indent=2))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #568d0ec059a9d4cf Filesystem access.
repo/src/backend/base/langflow/api/utils/knowledge_base_service.py:378
        return json.loads(metadata_file.read_text())

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #53a8b089e1c408b5 Filesystem access.
repo/src/backend/base/langflow/api/v1/files.py:228
        file_content = await anyio.Path(file_path).read_bytes()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #95c3339020628aae Filesystem access.
repo/src/backend/base/langflow/api/v1/knowledge_bases.py:370
            embedding_metadata = json.loads(metadata_path.read_text())

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #5f1fe0efc8a7e815 Filesystem access.
repo/src/backend/base/langflow/api/v1/knowledge_bases.py:372
            metadata_path.write_text(json.dumps(embedding_metadata, indent=2))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #89209d6376aee9bd Filesystem access.
repo/src/backend/base/langflow/api/v1/knowledge_bases.py:781
        metadata_path.write_text(json.dumps(embedding_metadata, indent=2))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #d0c420052a2c8a3a Filesystem access.
repo/src/backend/base/langflow/api/v1/knowledge_bases.py:787
            schema_path.write_text(json.dumps(schema_data, indent=2))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #7e86ec2db02bc926 Filesystem access.
repo/src/backend/base/langflow/api/v1/knowledge_bases.py:1045
                        existing_meta = json.loads(cc_metadata_path.read_text())

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #680672a0e944a01d Filesystem access.
repo/src/backend/base/langflow/api/v1/knowledge_bases.py:1047
                        cc_metadata_path.write_text(json.dumps(existing_meta, indent=2))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #ed4ba9e0d30784db Filesystem access.
repo/src/backend/base/langflow/api/v1/knowledge_bases.py:1051
                    schema_path.write_text(json.dumps(schema_data, indent=2))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #a7e2aec0a4a67519 Environment-variable access.
repo/src/backend/base/langflow/api/v1/mcp_projects.py:1224
            return Path(os.environ["APPDATA"]) / "Claude" / "claude_desktop_config.json"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #22088ee53a2783c1 Environment-variable access.
repo/src/backend/base/langflow/api/v1/voice_mode.py:111
        openai_key = secret_value_to_str(openai_key_value) or os.getenv("OPENAI_API_KEY", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #299132a45bfc97b9 Environment-variable access.
repo/src/backend/base/langflow/api/v1/voice_mode.py:535
        api_key = os.getenv("ELEVENLABS_API_KEY", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #0e7f43f25e0f8579 Filesystem access.
repo/src/backend/base/langflow/api/v2/files.py:439
        binary_data = sample_file_path.read_bytes()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #40d17b5f6fbc0b99 Environment-variable access.
repo/src/backend/base/langflow/core/celeryconfig.py:4
langflow_redis_host = os.environ.get("LANGFLOW_REDIS_HOST")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #c848dd11363e278e Environment-variable access.
repo/src/backend/base/langflow/core/celeryconfig.py:5
langflow_redis_port = os.environ.get("LANGFLOW_REDIS_PORT")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #f519e103a3ee4195 Environment-variable access.
repo/src/backend/base/langflow/core/celeryconfig.py:13
    mq_user = os.environ.get("RABBITMQ_DEFAULT_USER", "langflow")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #ee0723b47064e5e7 Environment-variable access.
repo/src/backend/base/langflow/core/celeryconfig.py:14
    mq_password = os.environ.get("RABBITMQ_DEFAULT_PASS", "langflow")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #047666f4b2741b94 Environment-variable access.
repo/src/backend/base/langflow/core/celeryconfig.py:15
    broker_url = os.environ.get("BROKER_URL", f"amqp://{mq_user}:{mq_password}@localhost:5672//")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #5ef6e1c9b3a6d100 Environment-variable access.
repo/src/backend/base/langflow/core/celeryconfig.py:16
    result_backend = os.environ.get("RESULT_BACKEND", "redis://localhost:6379/0")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #b2bad8c3544d6f45 Environment-variable access.
repo/src/backend/base/langflow/helpers/windows_postgres_helper.py:25
    db_url = os.environ.get(LANGFLOW_DATABASE_URL, "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #f13d023813e79b4d Filesystem access.
repo/src/backend/base/langflow/initial_setup/setup.py:569
            content = await file.read_text(encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #bd7bf38c824caa25 Filesystem access.
repo/src/backend/base/langflow/initial_setup/setup.py:1463
                                    update_data = orjson.loads(await path.read_text(encoding="utf-8"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #04370bd2c9d583e9 Environment-variable access.
repo/src/backend/base/langflow/interface/initialize/loading.py:134
                key = os.getenv(params[field])

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #d78ea6f4e39974d6 Environment-variable access.
repo/src/backend/base/langflow/langflow_launcher.py:54
    os.environ["OBJC_DISABLE_INITIALIZE_FORK_SAFETY"] = "YES"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #5027369c45537644 Environment-variable access.
repo/src/backend/base/langflow/main.py:510
            if os.getenv("LANGFLOW_MODELS_DEV_REFRESH", "true").lower() not in ("false", "0", "no"):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #e5c28f7cca0fc1df Environment-variable access.
repo/src/backend/base/langflow/main.py:553
            log_level = os.getenv("LANGFLOW_LOG_LEVEL", "info").lower()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #bc1d407688df2a71 Environment-variable access.
repo/src/backend/base/langflow/main.py:797
    if prome_port_str := os.environ.get("LANGFLOW_PROMETHEUS_PORT"):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #7a60f73968a6b7e7 Environment-variable access.
repo/src/backend/base/langflow/server.py:118
        debug_mode = os.environ.get("LANGFLOW_DEBUG_FORK_GHOSTS", "").lower() in ("1", "true", "yes")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #243543bdfa96cf84 Environment-variable access.
repo/src/backend/base/langflow/services/adapters/deployment/watsonx_orchestrate/constants.py:59
    MCSP = os.getenv("IBM_IAM_MCSP_DEV_URL_OVERRIDE", "").strip() or IBM_IAM_MCSP_PRODUCTION_URL

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #a039000da419409e Environment-variable access.
repo/src/backend/base/langflow/services/adapters/deployment/watsonx_orchestrate/constants.py:60
    IBM_IAM = os.getenv("IBM_IAM_DEV_URL_OVERRIDE", "").strip() or IBM_IAM_PRODUCTION_URL

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #642cbb7a2b497d83 Environment-variable access.
repo/src/backend/base/langflow/services/adapters/deployment/watsonx_orchestrate/core/tools.py:518
    override = os.environ.get("WXO_LFX_REQUIREMENT_OVERRIDE", "").strip()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #ac64c5fcf0e5dd0d Environment-variable access.
repo/src/backend/base/langflow/services/database/models/api_key/crud.py:195
    env_api_key = os.getenv("LANGFLOW_API_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #33ffc85689623415 Environment-variable access.
repo/src/backend/base/langflow/services/database/models/folder/constants.py:5
DEFAULT_FOLDER_NAME = os.getenv("DEFAULT_FOLDER_NAME", "Starter Project")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #961934fdff913200 Environment-variable access.
repo/src/backend/base/langflow/services/database/service.py:65
    raw = os.getenv("LANGFLOW_MIGRATION_LOCK_TIMEOUT_S")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #9bfa0758781855ae Environment-variable access.
repo/src/backend/base/langflow/services/flow/flow_runner.py:138
        tweaks_values = tweaks_values or os.environ.copy()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #d0e804647f825a77 Filesystem access.
repo/src/backend/base/langflow/services/memory_base/document_builders.py:181
        (kb_path / "embedding_metadata.json").write_text(json.dumps(metadata, indent=2))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #b6d02f1cdaee4631 Filesystem access.
repo/src/backend/base/langflow/services/memory_base/ingestion.py:463
    (kb_path / "embedding_metadata.json").write_text(json.dumps(metadata, indent=2))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #8f8f03f17dadf37e Environment-variable access.
repo/src/backend/base/langflow/services/storage/s3.py:65
            f"region={os.getenv('AWS_DEFAULT_REGION', 'default')}"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #f3d00342f9eb6b93 Environment-variable access.
repo/src/backend/base/langflow/services/telemetry/service.py:53
            os.getenv("DO_NOT_TRACK", "False").lower() == "true" or settings_service.settings.do_not_track

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #093bc639a161e371 Environment-variable access.
repo/src/backend/base/langflow/services/telemetry/service.py:134
        return str(os.getenv("LANGFLOW_DESKTOP", "False")).lower() in {"1", "true"}

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #04f6384bc57f80d6 Filesystem access.
repo/src/backend/base/langflow/services/telemetry_writer/service.py:81
        boot = Path("/proc/sys/kernel/random/boot_id").read_text().strip()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #8da980caf34997c5 Filesystem access.
repo/src/backend/base/langflow/services/telemetry_writer/service.py:94
    (own_dir / _OWNER_FILE_NAME).write_text(json.dumps(payload))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #6199272e6fe4b2e4 Filesystem access.
repo/src/backend/base/langflow/services/telemetry_writer/service.py:99
        return json.loads((pid_dir / _OWNER_FILE_NAME).read_text())

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #eb5933609732e48b Environment-variable access.
repo/src/backend/base/langflow/services/tracing/arize_phoenix.py:126
        arize_phoenix_batch = os.getenv("ARIZE_PHOENIX_BATCH", "False").lower() in {

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #84eaa4c2cc07cd5b Environment-variable access.
repo/src/backend/base/langflow/services/tracing/arize_phoenix.py:135
        arize_api_key = os.getenv("ARIZE_API_KEY", None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #42755d3421b90fb4 Environment-variable access.
repo/src/backend/base/langflow/services/tracing/arize_phoenix.py:136
        arize_space_id = os.getenv("ARIZE_SPACE_ID", None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #0a61ecc0a19a8f2a Environment-variable access.
repo/src/backend/base/langflow/services/tracing/arize_phoenix.py:137
        arize_collector_endpoint = os.getenv("ARIZE_COLLECTOR_ENDPOINT", "https://otlp.arize.com")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #21b0ca23711cf138 Environment-variable access.
repo/src/backend/base/langflow/services/tracing/arize_phoenix.py:147
        phoenix_api_key = os.getenv("PHOENIX_API_KEY", None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #c20dfb04ab5a1c8e Environment-variable access.
repo/src/backend/base/langflow/services/tracing/arize_phoenix.py:148
        phoenix_collector_endpoint = os.getenv("PHOENIX_COLLECTOR_ENDPOINT", "https://app.phoenix.arize.com")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #930c9391306ccc45 Environment-variable access.
repo/src/backend/base/langflow/services/tracing/langfuse.py:494
        secret_key = os.getenv("LANGFUSE_SECRET_KEY", None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #cdbb0833cbd229a7 Environment-variable access.
repo/src/backend/base/langflow/services/tracing/langfuse.py:495
        public_key = os.getenv("LANGFUSE_PUBLIC_KEY", None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #2fc8936335e7eb29 Environment-variable access.
repo/src/backend/base/langflow/services/tracing/langfuse.py:496
        host = os.getenv("LANGFUSE_BASE_URL") or os.getenv("LANGFUSE_HOST")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #df0b78b33f796366 Environment-variable access.
repo/src/backend/base/langflow/services/tracing/langsmith.py:79
        if os.getenv("LANGCHAIN_API_KEY") is None:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #62f06db7ee6e69a6 Environment-variable access.
repo/src/backend/base/langflow/services/tracing/langsmith.py:88
        os.environ["LANGCHAIN_TRACING_V2"] = "true"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #e34f327ca267a894 Environment-variable access.
repo/src/backend/base/langflow/services/tracing/langwatch.py:69
        if "LANGWATCH_API_KEY" not in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #3eba7cd431ef2e21 Environment-variable access.
repo/src/backend/base/langflow/services/tracing/langwatch.py:77
                api_key = os.environ["LANGWATCH_API_KEY"]

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #8103b5bf3254f06f Environment-variable access.
repo/src/backend/base/langflow/services/tracing/langwatch.py:78
                endpoint = os.environ.get("LANGWATCH_ENDPOINT", "https://app.langwatch.ai")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #3bb9db36091e31af Environment-variable access.
repo/src/backend/base/langflow/services/tracing/native.py:115
        return os.getenv("LANGFLOW_NATIVE_TRACING", "true").lower() not in ("false", "0", "no")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #97a907f2e2f98f11 Environment-variable access.
repo/src/backend/base/langflow/services/tracing/openlayer.py:759
        api_key = os.getenv("OPENLAYER_API_KEY", None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #45c8d9383c92b28a Environment-variable access.
repo/src/backend/base/langflow/services/tracing/openlayer.py:774
            inference_pipeline_id = os.getenv(flow_specific_var)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #bb5321f1f0936310 Environment-variable access.
repo/src/backend/base/langflow/services/tracing/openlayer.py:778
            mapping_json = os.getenv("OPENLAYER_LANGFLOW_MAPPING")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #fc843591d0d3a233 Environment-variable access.
repo/src/backend/base/langflow/services/tracing/openlayer.py:789
            inference_pipeline_id = os.getenv("OPENLAYER_INFERENCE_PIPELINE_ID")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #a26f5c287a05a24b Environment-variable access.
repo/src/backend/base/langflow/services/tracing/opik.py:193
        os.environ["OPIK_PROJECT_NAME"] = self._project_name

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #e6fc4ee6ef1c2f86 Environment-variable access.
repo/src/backend/base/langflow/services/tracing/opik.py:228
        host = os.getenv("OPIK_URL_OVERRIDE", None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #f517e169742d60cc Environment-variable access.
repo/src/backend/base/langflow/services/tracing/opik.py:229
        api_key = os.getenv("OPIK_API_KEY", None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #9e98484b10ba3d6a Environment-variable access.
repo/src/backend/base/langflow/services/tracing/opik.py:230
        workspace = os.getenv("OPIK_WORKSPACE", None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #bfe20335f1c77ed1 Environment-variable access.
repo/src/backend/base/langflow/services/tracing/service.py:301
            project_name = project_name or os.getenv("LANGCHAIN_PROJECT", "Langflow")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #b52b83d17dcf8403 Environment-variable access.
repo/src/backend/base/langflow/services/tracing/service.py:482
            return os.getenv("LANGCHAIN_PROJECT", "Langflow")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #d3d63db28217b903 Environment-variable access.
repo/src/backend/base/langflow/services/tracing/traceloop.py:57
        api_key = os.getenv("TRACELOOP_API_KEY", "").strip()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #61c36e66fd9cea7f Environment-variable access.
repo/src/backend/base/langflow/services/tracing/traceloop.py:64
                api_endpoint=os.getenv("TRACELOOP_BASE_URL", "https://api.traceloop.com"),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #c09be33de8e95922 Environment-variable access.
repo/src/backend/base/langflow/services/tracing/traceloop.py:88
        api_key = os.getenv("TRACELOOP_API_KEY", "").strip()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #4c3710b596bb754c Environment-variable access.
repo/src/backend/base/langflow/services/tracing/traceloop.py:92
        base_url = os.getenv("TRACELOOP_BASE_URL", "https://api.traceloop.com")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #72389cd79cea41fa Environment-variable access.
repo/src/backend/base/langflow/services/variable/kubernetes.py:39
                if var in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #4245de306aa23bc4 Environment-variable access.
repo/src/backend/base/langflow/services/variable/kubernetes.py:41
                    value = os.environ[var]

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #38a7bf8d80f4acaa Environment-variable access.
repo/src/backend/base/langflow/services/variable/service.py:61
            if var_name in os.environ and os.environ[var_name].strip():

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #c346656809edc09a Environment-variable access.
repo/src/backend/base/langflow/services/variable/service.py:62
                value = os.environ[var_name].strip()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #899a1baa6d9b47e1 Environment-variable access.
repo/src/backend/base/langflow/settings.py:3
DEV = os.getenv("LANGFLOW_DEV", "false").lower() == "true"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

first-party (python): src/bundles/docling

python first-party
expand_more 1 low-confidence finding(s)
low env_fs production #249f8970957cc88c Filesystem access.
repo/src/bundles/docling/src/lfx_docling/components/docling/docling_remote.py:314
            encoded_doc = base64.b64encode(file_path.read_bytes()).decode()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

first-party (python): src/bundles/ibm

python first-party
expand_more 1 low-confidence finding(s)
low env_fs production #a055a3eb9b8f37ac Environment-variable access.
repo/src/bundles/ibm/src/lfx_ibm/components/ibm/db2vs.py:36
log_level = os.getenv("LOG_LEVEL", "WARNING").upper()  # Changed to WARNING for production

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

first-party (python): src/langflow-stepflow

python first-party
expand_more 6 low-confidence finding(s)
low env_fs production #5a0fa659d9fb0bee Filesystem access.
repo/src/langflow-stepflow/src/langflow_stepflow/translation/translator.py:56
            with open(input_path, encoding="utf-8") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #c565a92d073b8f64 Environment-variable access.
repo/src/langflow-stepflow/src/langflow_stepflow/worker/__main__.py:68
    if os.environ.get("LANGFLOW_DATABASE_URL"):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #a688a0a8cc2235c4 Environment-variable access.
repo/src/langflow-stepflow/src/langflow_stepflow/worker/__main__.py:80
        default=os.environ.get("STEPFLOW_TASKS_URL", "localhost:7837"),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #8133603660c2bb49 Environment-variable access.
repo/src/langflow-stepflow/src/langflow_stepflow/worker/__main__.py:86
        default=os.environ.get("STEPFLOW_QUEUE_NAME", "langflow"),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #1c5386b4ace3e715 Environment-variable access.
repo/src/langflow-stepflow/src/langflow_stepflow/worker/__main__.py:92
        default=int(os.environ.get("STEPFLOW_MAX_CONCURRENT", "4")),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #f8b82dfa17ffef7b Environment-variable access.
repo/src/langflow-stepflow/src/langflow_stepflow/worker/handlers/base_model.py:113
    resolved = os.getenv(secret_value)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

first-party (python): src/sdk

python first-party
expand_more 10 low-confidence finding(s)
low env_fs production #62c9cef7fab8e31b Filesystem access.
repo/src/sdk/src/langflow_sdk/_client_common.py:155
        data: dict[str, Any] = json.loads(path.read_text(encoding="utf-8"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #007c4033e75715e0 Filesystem access.
repo/src/sdk/src/langflow_sdk/_client_common.py:180
            out.write_text(flow_to_json(normalized), encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #d78afbd57cfcea84 Filesystem access.
repo/src/sdk/src/langflow_sdk/_client_common.py:199
            dest.write_text(flow_to_json(normalized), encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #054b503b62c887a8 Environment-variable access.
repo/src/sdk/src/langflow_sdk/environments.py:83
    env_path = os.environ.get(_ENV_VAR)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #09473c12749c08e0 Environment-variable access.
repo/src/sdk/src/langflow_sdk/environments.py:108
        api_key = os.environ.get(api_key_env_name)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #bb80698d20147df1 Filesystem access.
repo/src/sdk/src/langflow_sdk/serialization.py:205
    raw = Path(path).read_text(encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #d9a91a3bb47c88e4 Environment-variable access.
repo/src/sdk/src/langflow_sdk/testing.py:100
    url: str | None = request.config.getoption("langflow_url") or os.getenv("LANGFLOW_URL")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #1ff1ada5bdcf6f2f Environment-variable access.
repo/src/sdk/src/langflow_sdk/testing.py:104
    api_key: str | None = request.config.getoption("langflow_api_key") or os.getenv("LANGFLOW_API_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #bff06543a87b7f87 Environment-variable access.
repo/src/sdk/src/langflow_sdk/testing.py:125
    return request.config.getoption("langflow_env") or os.getenv("LANGFLOW_ENV")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs production #4ee1b11f2989d974 Environment-variable access.
repo/src/sdk/src/langflow_sdk/testing.py:129
    return request.config.getoption("langflow_environments_file") or os.getenv("LANGFLOW_ENVIRONMENTS_FILE")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

</> Dependencies

langwatch

python dependency
high pii_flow dependency Excluded from app score #31d38ba78a8d4e62 User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
pkgs/python/[email protected]/src/langwatch/generated/langwatch_rest_api_client/client.py:218 · flow /tmp/closeopen-uhn6nk5u/pkgs/python/[email protected]/src/langwatch/generated/langwatch_rest_api_client/client.py:217 → /tmp/closeopen-uhn6nk5u/pkgs/python/[email protected]/src/langwatch/generated/langwatch_rest_api_client/client.py:218
            self._client = httpx.Client(
                base_url=self._base_url,
                cookies=self._cookies,
                headers=self._headers,
                timeout=self._timeout,
                verify=self._verify_ssl,
                follow_redirects=self._follow_redirects,
                **self._httpx_args,
            )

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow dependency Excluded from app score #3af60ba6e8c4ef3c User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
pkgs/python/[email protected]/src/langwatch/generated/langwatch_rest_api_client/client.py:250 · flow /tmp/closeopen-uhn6nk5u/pkgs/python/[email protected]/src/langwatch/generated/langwatch_rest_api_client/client.py:249 → /tmp/closeopen-uhn6nk5u/pkgs/python/[email protected]/src/langwatch/generated/langwatch_rest_api_client/client.py:250
            self._async_client = httpx.AsyncClient(
                base_url=self._base_url,
                cookies=self._cookies,
                headers=self._headers,
                timeout=self._timeout,
                verify=self._verify_ssl,
                follow_redirects=self._follow_redirects,
                **self._httpx_args,
            )

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

medium telemetry tooling Excluded from app score unreachable #c28e181abac37fd5 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/examples/documentation/otel_provider_isolation.py:15
from opentelemetry.sdk.trace import TracerProvider

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry tooling Excluded from app score unreachable #df007b48a21ddc1a Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/examples/documentation/otel_provider_isolation.py:16
from opentelemetry.sdk.trace.export import SimpleSpanProcessor, ConsoleSpanExporter

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry tooling Excluded from app score unreachable #296667e76882db0f Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/examples/documentation/otel_provider_isolation.py:17
from opentelemetry import trace

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry tooling Excluded from app score unreachable #040bc0364328fc91 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/examples/openai_bot_otel_metrics.py:10
from opentelemetry import metrics

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry tooling Excluded from app score unreachable #a7817bfc4e2da7ce Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/examples/openai_bot_otel_metrics.py:11
from opentelemetry.sdk.metrics import MeterProvider

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry tooling Excluded from app score unreachable #7e43dbe563995471 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/examples/openai_bot_otel_metrics.py:12
from opentelemetry.sdk.resources import Resource

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry tooling Excluded from app score unreachable #1941f3646895daf4 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/examples/openai_bot_otel_metrics.py:13
from opentelemetry.sdk.metrics.export import PeriodicExportingMetricReader

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry tooling Excluded from app score unreachable #a71f309609a5807a Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/examples/openai_bot_otel_metrics.py:14
from opentelemetry.exporter.otlp.proto.http.metric_exporter import OTLPMetricExporter

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry tooling reachable #1741e626d4b45585 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/examples/opentelemetry/openllmetry_anthropic_bot.py:11
from opentelemetry.instrumentation.anthropic import AnthropicInstrumentor

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry tooling reachable #0d92ca16ff7a0b76 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/examples/opentelemetry/openllmetry_crewai_bot.py:22
from opentelemetry.instrumentation.crewai import CrewAIInstrumentor

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry tooling reachable #e4e3739e0cd8b4fc Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/examples/opentelemetry/openllmetry_crewai_bot.py:90
        from opentelemetry.instrumentation.crewai import CrewAIInstrumentor

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry tooling reachable #a7c9c0bc0b15fd84 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/examples/opentelemetry/openllmetry_langchain_bot.py:13
from opentelemetry.instrumentation.langchain import LangchainInstrumentor

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry tooling reachable #87a855632f14dd5e Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/examples/opentelemetry/openllmetry_openai_bot.py:11
from opentelemetry.instrumentation.openai import OpenAIInstrumentor

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry tooling reachable #01a6aa5752c43333 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/examples/opentelemetry/traditional_instrumentation_fastapi_app.py:11
from opentelemetry import trace

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry tooling reachable #30f506e42fd962dd Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/examples/opentelemetry/traditional_instrumentation_fastapi_app.py:12
from opentelemetry.sdk.resources import Resource

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry tooling reachable #5fd03eee3cc65ae2 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/examples/opentelemetry/traditional_instrumentation_fastapi_app.py:13
from opentelemetry.exporter.otlp.proto.http.trace_exporter import OTLPSpanExporter

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry tooling reachable #c392ce5fc72c77f1 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/examples/opentelemetry/traditional_instrumentation_fastapi_app.py:14
from opentelemetry.sdk import trace as trace_sdk

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry tooling reachable #735b64543367e3ef Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/examples/opentelemetry/traditional_instrumentation_fastapi_app.py:15
from opentelemetry.sdk.trace.export import ConsoleSpanExporter, SimpleSpanProcessor

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry tooling reachable #0f1da73298c37281 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/examples/opentelemetry/traditional_instrumentation_fastapi_app.py:16
from opentelemetry.instrumentation.fastapi import FastAPIInstrumentor

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry tooling Excluded from app score unreachable #0e56fa8035be4649 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/examples/sanity/setup_example.py:9
from opentelemetry.trace import get_current_span

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry tooling Excluded from app score unreachable #aa66c1d0de4a9391 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/examples/sanity/setup_example.py:10
from opentelemetry.instrumentation.fastapi import FastAPIInstrumentor

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry tooling Excluded from app score unreachable #5077b55f848e5e24 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/examples/sanity/setup_example.py:12
from opentelemetry.trace import SpanKind

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #f1be05555300a36f Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/langwatch/client.py:11
from opentelemetry import trace

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #d50ff5de00547a0f Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/langwatch/client.py:12
from opentelemetry.instrumentation.instrumentor import BaseInstrumentor

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #6abdf1ce3e4bf64d Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/langwatch/client.py:13
from opentelemetry.sdk.trace import TracerProvider

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #d4877c7a9c4477a0 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/langwatch/client.py:14
from opentelemetry.sdk.resources import Resource

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #365f61940ca30d05 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/langwatch/client.py:15
from opentelemetry.exporter.otlp.proto.http.trace_exporter import OTLPSpanExporter

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #cc572a6cabc4e850 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/langwatch/client.py:16
from opentelemetry.sdk.trace.sampling import TraceIdRatioBased, ALWAYS_OFF

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #b46878c88ec20de3 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/langwatch/client.py:17
from opentelemetry.sdk.trace.export import SpanExporter, SpanExportResult

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #98b3184a6e1bc61c Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/langwatch/client.py:18
from opentelemetry.sdk.trace import ReadableSpan

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #6b98a1fdfeed0a26 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/langwatch/client.py:27
import opentelemetry.trace

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #cb900211a903f547 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/langwatch/client.py:28
from opentelemetry.util._once import Once

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #f8945395c2bb8fe1 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/langwatch/dataset/dataset_api_service.py:16
from opentelemetry import trace

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #035d8d991bcccf0b Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/langwatch/dataset/dataset_facade.py:16
from opentelemetry.trace import NoOpTracer

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #5b583d898e850bc4 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/langwatch/experiment/experiment.py:13
from opentelemetry import trace, context as otel_context

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #b87c544f2e399b98 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/langwatch/experiment/experiment.py:14
from opentelemetry.trace import Span

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #5518562a2b838487 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/langwatch/experiment/experiment.py:1201
            from opentelemetry.sdk.trace import TracerProvider

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #723fee4046d0d3f9 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/langwatch/experiment/experiment.py:1202
            from opentelemetry.trace import INVALID_SPAN_CONTEXT

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #25eb56c1b955b52f Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/langwatch/exporters/filterable_batch_span_exporter.py:5
from opentelemetry.sdk.trace import ReadableSpan

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #499510b8621170f7 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/langwatch/exporters/filterable_batch_span_exporter.py:6
from opentelemetry.sdk.trace.export import BatchSpanProcessor, SpanExporter

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #07dcf345484e5f4e Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/langwatch/langchain.py:24
from opentelemetry.trace import get_current_span, SpanContext

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #1138bcbcff4a5749 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/langwatch/langchain.py:447
        from opentelemetry.context import logger as otel_logger

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #18b02bee207df286 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/langwatch/prompts/decorators/prompt_service_tracing.py:2
from opentelemetry import trace

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #d91adb0217f29cea Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/langwatch/prompts/decorators/prompt_tracing.py:2
from opentelemetry import trace

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #9bcfad4d1f5a348f Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/langwatch/prompts/decorators/prompt_tracing.py:3
from opentelemetry.trace import Span

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #db14d6be176066f2 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/langwatch/telemetry/context.py:6
from opentelemetry import trace as trace_api

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #f65642058c510d82 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/langwatch/telemetry/context.py:7
from opentelemetry import context

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #7a230c91d5118e17 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/langwatch/telemetry/sampling.py:1
import opentelemetry.trace as trace_api

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #d12851198c7ccc83 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/langwatch/telemetry/span.py:29
from opentelemetry import trace as trace_api

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #7285729886833ab7 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/langwatch/telemetry/span.py:30
from opentelemetry.util.types import Attributes as OtelAttributes

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #bf3e4b91730d7609 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/langwatch/telemetry/span.py:31
from opentelemetry.trace import (
    SpanKind,
    NonRecordingSpan,
    Link,
    Span as OtelSpan,
    Status,
    StatusCode,
    SpanContext,
    set_span_in_context,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #29e9d28f7bb68aa0 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/langwatch/telemetry/span.py:41
from opentelemetry.context import Context

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #70789b76f347a475 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/langwatch/telemetry/tracing.py:16
from opentelemetry import trace as trace_api

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #f0e6e97371fe9ae9 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/langwatch/telemetry/tracing.py:17
from opentelemetry.sdk.trace import TracerProvider

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #607b5e75830a44d0 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/langwatch/telemetry/tracing.py:18
from opentelemetry.trace import Link

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #398f229f6efda561 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/langwatch/types.py:34
from opentelemetry.sdk.trace import TracerProvider

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #7f9b27e85e3be1d5 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/langwatch/types.py:35
from opentelemetry.instrumentation.instrumentor import BaseInstrumentor

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #73ec2e82ed2e3320 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/langwatch/utils/initialization.py:9
from opentelemetry import trace

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #8a16ce335f232e55 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/langwatch/utils/initialization.py:10
from opentelemetry.instrumentation.instrumentor import BaseInstrumentor

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #01da58d47203f433 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/langwatch/utils/initialization.py:11
from opentelemetry.sdk.trace import TracerProvider

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

expand_more 57 low-confidence finding(s)
low env_fs tooling Excluded from app score unreachable #2a7fe4d037ee00f2 Environment-variable access.
pkgs/python/[email protected]/examples/azure_openai_stream_bot.py:15
    api_key=os.getenv("AZURE_OPENAI_API_KEY"),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #98534dcc989ce05c Environment-variable access.
pkgs/python/[email protected]/examples/azure_openai_stream_bot.py:17
    azure_endpoint=os.getenv("AZURE_OPENAI_ENDPOINT"),  # type: ignore

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #1e1be04a53b07ea8 Environment-variable access.
pkgs/python/[email protected]/examples/azure_openai_stream_bot.py:19
langwatch.api_key = os.getenv("LANGWATCH_API_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #584701334fc19f51 Environment-variable access.
pkgs/python/[email protected]/examples/cli/guaranteed_availability_with_cli.py:40
    api_key = os.getenv("LANGWATCH_API_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #c448ceb9e784d358 Environment-variable access.
pkgs/python/[email protected]/examples/cli/metadata_rest_api_example.py:25
LANGWATCH_API_KEY = os.environ["LANGWATCH_API_KEY"]

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #7d4c8c3ef8550fcb Environment-variable access.
pkgs/python/[email protected]/examples/cli/metadata_rest_api_example.py:26
LANGWATCH_ENDPOINT = os.environ.get(

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #86671be7272d0588 Environment-variable access.
pkgs/python/[email protected]/examples/cli/metadata_rest_api_example.py:26
LANGWATCH_ENDPOINT = os.environ.get(
    "LANGWATCH_ENDPOINT", "https://app.langwatch.ai"
)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low pii_flow tooling Excluded from app score unreachable #a43cc9f9418ff1a0 User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration. Non-production path — not application runtime.
pkgs/python/[email protected]/examples/cli/metadata_rest_api_example.py:97 · flow /tmp/closeopen-uhn6nk5u/pkgs/python/[email protected]/examples/cli/metadata_rest_api_example.py:25 → /tmp/closeopen-uhn6nk5u/pkgs/python/[email protected]/examples/cli/metadata_rest_api_example.py:97
    response = requests.post(
        f"{LANGWATCH_ENDPOINT}/api/collector",
        headers={
            "X-Auth-Token": LANGWATCH_API_KEY,
            "Content-Type": "application/json",
        },
        json=payload,
    )

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

low env_fs tooling Excluded from app score unreachable #5f5bb4bb2c632c47 Environment-variable access.
pkgs/python/[email protected]/examples/dataset_crud_example.py:24
ENDPOINT = os.getenv("LANGWATCH_ENDPOINT", "https://app.langwatch.ai")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #651233a1fe791bc8 Environment-variable access.
pkgs/python/[email protected]/examples/dataset_crud_example.py:26
print(f"API Key: {os.getenv('LANGWATCH_API_KEY', '')[:10]}...")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #258a16513a2b4fb8 Environment-variable access.
pkgs/python/[email protected]/examples/dataset_kitchen_sink.py:30
    dataset_slug_or_id = os.getenv("LANGWATCH_DATASET_ID") or "test-dataset-1234"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #7a533e2977894308 Environment-variable access.
pkgs/python/[email protected]/examples/dataset_kitchen_sink.py:33
        f"LangWatch endpoint: {os.getenv('LANGWATCH_ENDPOINT') or langwatch._endpoint}"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #0a3cd8ae22b43504 Environment-variable access.
pkgs/python/[email protected]/examples/dspy_bot.py:13
lm = dspy.LM("openai/gpt-4o-mini", api_key=os.environ["OPENAI_API_KEY"])

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #142c56e74b279e40 Environment-variable access.
pkgs/python/[email protected]/examples/fastapi_app.py:67
    port = int(os.environ.get("PORT", 9000))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #3086ac1b374037dd Environment-variable access.
pkgs/python/[email protected]/examples/haystack_bot.py:102
    api_key=Secret.from_token(os.environ["OPENAI_API_KEY"]), model="gpt-5-mini"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #5725bc6ee4db3519 Environment-variable access.
pkgs/python/[email protected]/examples/langchain_rag_bot_vertex_ai.py:52
        credentials_json = json.loads(os.environ["GOOGLE_APPLICATION_CREDENTIALS"])

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #8114011ede32d426 Environment-variable access.
pkgs/python/[email protected]/examples/langchain_rag_bot_vertex_ai.py:57
        os.environ["GOOGLE_APPLICATION_CREDENTIALS"] = credentials_file.name

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #648b240d1b6072c8 Environment-variable access.
pkgs/python/[email protected]/examples/langchain_rag_bot_vertex_ai.py:64
        project=os.environ["VERTEXAI_PROJECT"],

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #be9af8574ebbce97 Environment-variable access.
pkgs/python/[email protected]/examples/langchain_rag_bot_vertex_ai.py:65
        location=os.environ["VERTEXAI_LOCATION"],

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #655913f8e99612d0 Environment-variable access.
pkgs/python/[email protected]/examples/langchain_rag_bot_with_threads.py:3
os.environ["CHAINLIT_AUTH_SECRET"] = (

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #6a416c20455f7358 Environment-variable access.
pkgs/python/[email protected]/examples/langchain_rag_bot_with_threads.py:105
THREAD_HISTORY_PICKLE_PATH = os.getenv("THREAD_HISTORY_PICKLE_PATH")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #ad62281e91a03d0e Filesystem access.
pkgs/python/[email protected]/examples/langchain_rag_bot_with_threads.py:107
    with open(THREAD_HISTORY_PICKLE_PATH, "rb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #2b320e6032564779 Filesystem access.
pkgs/python/[email protected]/examples/langchain_rag_bot_with_threads.py:118
        with open(THREAD_HISTORY_PICKLE_PATH, "wb") as out_file:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #9021f351f13a2109 Environment-variable access.
pkgs/python/[email protected]/examples/langgraph_rag_bot_with_threads.py:3
os.environ["CHAINLIT_AUTH_SECRET"] = (

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #6e802e843c59d8b1 Environment-variable access.
pkgs/python/[email protected]/examples/langgraph_rag_bot_with_threads.py:107
THREAD_HISTORY_PICKLE_PATH = os.getenv("THREAD_HISTORY_PICKLE_PATH")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #4857510da118c3fe Filesystem access.
pkgs/python/[email protected]/examples/langgraph_rag_bot_with_threads.py:109
    with open(THREAD_HISTORY_PICKLE_PATH, "rb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #19d8265882d63e05 Filesystem access.
pkgs/python/[email protected]/examples/langgraph_rag_bot_with_threads.py:120
        with open(THREAD_HISTORY_PICKLE_PATH, "wb") as out_file:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #68a35a822f8eec94 Environment-variable access.
pkgs/python/[email protected]/examples/openai_bot_otel_metrics.py:21
    endpoint=f"{os.environ.get('LANGWATCH_ENDPOINT', 'https://app.langwatch.ai')}/api/otel/v1/metrics",

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #8219f7c276a1cd93 Environment-variable access.
pkgs/python/[email protected]/examples/openai_bot_otel_metrics.py:22
    headers={"Authorization": "Bearer " + os.environ["LANGWATCH_API_KEY"]},

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #d84db43acf5786d5 Environment-variable access.
pkgs/python/[email protected]/examples/opentelemetry/openinference_dspy_bot.py:17
llm = dspy.LM("openai/gpt-4o-mini", api_key=os.environ["OPENAI_API_KEY"])

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #da454a138503ccc0 Environment-variable access.
pkgs/python/[email protected]/examples/opentelemetry/openinference_haystack.py:51
    api_key=Secret.from_token(os.environ["OPENAI_API_KEY"]), model="gpt-5-mini"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #88e6220097e13525 Environment-variable access.
pkgs/python/[email protected]/examples/opentelemetry/traditional_instrumentation_fastapi_app.py:28
            endpoint=f"{os.environ.get('LANGWATCH_ENDPOINT', 'https://app.langwatch.ai')}/api/otel/v1/traces",

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #3dae6cbe77111071 Environment-variable access.
pkgs/python/[email protected]/examples/opentelemetry/traditional_instrumentation_fastapi_app.py:29
            headers={"Authorization": "Bearer " + os.environ["LANGWATCH_API_KEY"]},

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #5540f7b48018409b Environment-variable access.
pkgs/python/[email protected]/examples/opentelemetry/traditional_instrumentation_fastapi_app.py:81
    port = int(os.environ.get("PORT", 9000))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #216470ca1223066e Environment-variable access.
pkgs/python/[email protected]/examples/sanity/setup_example.py:20
client = OpenAI(api_key=os.getenv("OPENAI_API_KEY"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #340b693b8c35f9ae Environment-variable access.
pkgs/python/[email protected]/examples/sanity/setup_example.py:25
    api_key=os.getenv("LANGWATCH_API_KEY"),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #91922cfa46f00aa8 Environment-variable access.
pkgs/python/[email protected]/examples/sanity/setup_example.py:26
    endpoint_url=os.getenv("LANGWATCH_ENDPOINT_URL"),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #b554359e3472abe3 Environment-variable access.
pkgs/python/[email protected]/examples/strands_bot.py:47
                "api_key": os.getenv("OPENAI_API_KEY"),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #98e8cfe4267b47b2 Environment-variable access.
pkgs/python/[email protected]/src/langwatch/client.py:135
            debug_flag = debug or os.getenv("LANGWATCH_DEBUG") == "true"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #000a2e5cbcb45249 Environment-variable access.
pkgs/python/[email protected]/src/langwatch/client.py:225
            Client._api_key = os.getenv("LANGWATCH_API_KEY", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #ac7df28481528394 Environment-variable access.
pkgs/python/[email protected]/src/langwatch/client.py:232
            Client._project_id = os.getenv("LANGWATCH_PROJECT_ID")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #ec8fd8c61da8a1e6 Environment-variable access.
pkgs/python/[email protected]/src/langwatch/client.py:246
            env_endpoint = os.getenv("LANGWATCH_ENDPOINT")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #227be123504444fe Environment-variable access.
pkgs/python/[email protected]/src/langwatch/client.py:255
            Client._debug = os.getenv("LANGWATCH_DEBUG") == "true"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #a292cd9421f3aad9 Environment-variable access.
pkgs/python/[email protected]/src/langwatch/client.py:719
            timeout=int(os.getenv("OTEL_EXPORTER_OTLP_TRACES_TIMEOUT", 30)),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #e590d46546518d7b Environment-variable access.
pkgs/python/[email protected]/src/langwatch/client.py:730
            max_export_batch_size=int(os.getenv("OTEL_BSP_MAX_EXPORT_BATCH_SIZE", 100)),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #4dd058c6382497e2 Environment-variable access.
pkgs/python/[email protected]/src/langwatch/client.py:731
            max_queue_size=int(os.getenv("OTEL_BSP_MAX_QUEUE_SIZE", 512)),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #c490571d4ff86870 Environment-variable access.
pkgs/python/[email protected]/src/langwatch/client.py:732
            schedule_delay_millis=float(os.getenv("OTEL_BSP_SCHEDULE_DELAY", 1000)),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #70bf0f9d372f50ea Environment-variable access.
pkgs/python/[email protected]/src/langwatch/client.py:733
            export_timeout_millis=float(os.getenv("OTEL_BSP_EXPORT_TIMEOUT", 10000)),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #b8bcb1ff198fe377 Filesystem access.
pkgs/python/[email protected]/src/langwatch/dataset/dataset_api_service.py:315
            with open(file_path, "rb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #2ebf661dade0b0b4 Filesystem access.
pkgs/python/[email protected]/src/langwatch/dataset/dataset_api_service.py:331
            with open(file_path, "rb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #230a8828aed29736 Filesystem access.
pkgs/python/[email protected]/src/langwatch/prompts/local_loader.py:98
                with open(prompts_json_path, "r") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #5c6495e55843a7f0 Filesystem access.
pkgs/python/[email protected]/src/langwatch/prompts/local_loader.py:127
                with open(prompts_lock_path, "r") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #11badc6bc4443256 Filesystem access.
pkgs/python/[email protected]/src/langwatch/prompts/local_loader.py:170
                with open(prompt_file_path, "r") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #0e736690177dc04e Environment-variable access.
pkgs/python/[email protected]/src/langwatch/state.py:22
        return os.getenv("LANGWATCH_ENDPOINT") or "https://app.langwatch.ai"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #cf366175f70cfc94 Environment-variable access.
pkgs/python/[email protected]/src/langwatch/state.py:28
        return os.getenv("LANGWATCH_API_KEY", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #7b5c3a775699a3cf Environment-variable access.
pkgs/python/[email protected]/src/langwatch/utils/auth.py:48
    resolved_project_id = project_id or os.environ.get("LANGWATCH_PROJECT_ID")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #5c516aa5fbdba6fd Environment-variable access.
pkgs/python/[email protected]/src/langwatch/utils/initialization.py:118
    if not os.getenv("LANGWATCH_API_KEY", api_key):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

langsmith

python dependency
high pii_flow dependency Excluded from app score #552a6722dc55717d User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
pkgs/python/[email protected]/langsmith/sandbox/_models.py:223 · flow /tmp/closeopen-uhn6nk5u/pkgs/python/[email protected]/langsmith/sandbox/_models.py:222 → /tmp/closeopen-uhn6nk5u/pkgs/python/[email protected]/langsmith/sandbox/_models.py:223
        return httpx.request(method, url, headers=headers, **kwargs)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

medium telemetry dependency Excluded from app score #a110220c51714dcd Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/langsmith/_internal/_background_thread.py:32
    from opentelemetry.context.context import Context  # type: ignore[import]

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #ee7f9a97d869f509 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/langsmith/_internal/otel/_attribute_utils.py:10
    from opentelemetry.trace import Span  # type: ignore[import]

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #a96844bdfff33aa3 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/langsmith/_internal/otel/_otel_client.py:9
        from opentelemetry.sdk.trace import TracerProvider  # type: ignore[import]

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #0cd63101b012385c Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/langsmith/_internal/otel/_otel_client.py:19
        from opentelemetry.exporter.otlp.proto.http.trace_exporter import (  # type: ignore[import]
            OTLPSpanExporter,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #9e59cbfd9fbafd6c Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/langsmith/_internal/otel/_otel_client.py:22
        from opentelemetry.sdk.resources import (  # type: ignore[import]
            SERVICE_NAME,
            Resource,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #3de6afb5a0372213 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/langsmith/_internal/otel/_otel_client.py:26
        from opentelemetry.sdk.trace import TracerProvider  # type: ignore[import]

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #32bfdc737247cc0e Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/langsmith/_internal/otel/_otel_client.py:27
        from opentelemetry.sdk.trace.export import (  # type: ignore[import]
            BatchSpanProcessor,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #60cdfdd04bf92f82 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/langsmith/_internal/otel/_otel_exporter.py:16
        from opentelemetry.context.context import Context  # type: ignore[import]

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #5ea94f164ce5038f Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/langsmith/_internal/otel/_otel_exporter.py:17
        from opentelemetry.trace import Span  # type: ignore[import]

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #856a6b1c406cefe5 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/langsmith/_internal/otel/_otel_exporter.py:37
        from opentelemetry import trace  # type: ignore[import]

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #84b737332d172996 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/langsmith/_internal/otel/_otel_exporter.py:38
        from opentelemetry.context.context import Context  # type: ignore[import]

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #1ee648d6ca7cbee0 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/langsmith/_internal/otel/_otel_exporter.py:39
        from opentelemetry.trace import (  # type: ignore[import]
            NonRecordingSpan,
            Span,
            SpanContext,
            TraceFlags,
            TraceState,
            set_span_in_context,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #1c4605bc3f2f5d84 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/langsmith/_internal/otel/_span_utils.py:15
from opentelemetry.sdk.trace import Event, ReadableSpan

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #41561694c311e144 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/langsmith/_internal/voice/base_span_processor.py:28
from opentelemetry.context import Context

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #7f93954592a4580e Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/langsmith/_internal/voice/base_span_processor.py:29
from opentelemetry.sdk.trace import ReadableSpan, Span, SpanProcessor

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #9741cc207cf47c48 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/langsmith/_internal/voice/base_span_processor.py:30
from opentelemetry.sdk.trace.export import BatchSpanProcessor

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #48a42cb076478a05 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/langsmith/_internal/voice/translated_span.py:16
from opentelemetry.sdk.trace import Event, ReadableSpan

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #d26d599f97e64e07 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/langsmith/client.py:233
        from opentelemetry import trace as otel_trace  # type: ignore[import]

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #68bb8a2dcceaabbc Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/langsmith/client.py:234
        from opentelemetry.trace import set_span_in_context  # type: ignore[import]

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #7eb2464ba6e31d30 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/langsmith/client.py:257
    from opentelemetry.sdk.trace import TracerProvider  # type: ignore[import-not-found]

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #ec098098d4da6e8b Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/langsmith/client.py:284
        from opentelemetry import trace as otel_trace  # type: ignore[import]

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #68c712cce067debb Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/langsmith/integrations/livekit/__init__.py:63
        from opentelemetry import trace as otel_trace

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #cbc2577f5e0cc76f Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/langsmith/integrations/livekit/__init__.py:64
        from opentelemetry.sdk.trace import TracerProvider

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #90c52924418f17cd Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/langsmith/integrations/livekit/processor.py:18
from opentelemetry.sdk.trace import SpanProcessor

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #dd9c689e84bd7c10 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/langsmith/integrations/otel/__init__.py:15
    from opentelemetry.trace import Span, SpanContext

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #0485fb1a157a7497 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/langsmith/integrations/otel/__init__.py:82
    from opentelemetry.trace import Span

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #01cb26bc1032c2fe Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/langsmith/integrations/otel/__init__.py:181
        from opentelemetry import trace

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #cc3093a6fe5ac9e6 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/langsmith/integrations/otel/__init__.py:182
        from opentelemetry.sdk.trace import TracerProvider

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #1cfe75fa83a4e0cc Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/langsmith/integrations/otel/__init__.py:183
        from opentelemetry.trace import NoOpTracer, ProxyTracer, ProxyTracerProvider

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #dd4af23f105043a7 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/langsmith/integrations/otel/processor.py:12
    from opentelemetry.exporter.otlp.proto.http.trace_exporter import OTLPSpanExporter

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #09b11d0fe9242e09 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/langsmith/integrations/otel/processor.py:13
    from opentelemetry.sdk.trace.export import BatchSpanProcessor

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #030fedd4c695c900 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/langsmith/integrations/pipecat/__init__.py:63
        from opentelemetry import trace

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #f1cc661e86008f78 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/langsmith/integrations/pipecat/__init__.py:64
        from opentelemetry.sdk.trace import TracerProvider

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #970821654edf7deb Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/langsmith/integrations/pipecat/processor.py:36
from opentelemetry.sdk.trace import SpanProcessor

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #2a2fd57cc4453b64 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/langsmith/integrations/strands_agents/exporter.py:19
from opentelemetry.exporter.otlp.proto.http.trace_exporter import OTLPSpanExporter

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #e2ab40e0f546992e Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/langsmith/integrations/strands_agents/exporter.py:20
from opentelemetry.sdk.trace import ReadableSpan

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #1df4125738426f6c Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/langsmith/integrations/strands_agents/exporter.py:21
from opentelemetry.sdk.trace.export import (
    BatchSpanProcessor,
    ConsoleSpanExporter,
    SimpleSpanProcessor,
    SpanExporter,
    SpanExportResult,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #956f3f09d308ffe5 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/langsmith/run_helpers.py:2223
            import opentelemetry.trace  # noqa: F401

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #43967e8f4447333d Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/langsmith/run_helpers.py:2245
    from opentelemetry.trace import (  # type: ignore[import]
        NonRecordingSpan,
        SpanContext,
        TraceFlags,
        TraceState,
        use_span,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

expand_more 67 low-confidence finding(s)
low env_fs dependency Excluded from app score #e5e6129997bb1374 Environment-variable access.
pkgs/python/[email protected]/bench/create_run_tree.py:6
os.environ["LANGSMITH_API_KEY"] = "fake"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #a1b41fbadad48278 Environment-variable access.
pkgs/python/[email protected]/bench/tracing_client_via_pyo3.py:28
    if os.environ.get("LANGSMITH_USE_PYO3_CLIENT") is None:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #e6f1fed94941b8b8 Environment-variable access.
pkgs/python/[email protected]/bench/tracing_client_via_pyo3.py:34
    api_key = os.environ["LANGSMITH_API_KEY"]

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #3e52d7589de0a770 Filesystem access.
pkgs/python/[email protected]/bench/upload_example_with_large_file_attachment.py:24
    with open(filepath, "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #41f8c923f51031b7 Environment-variable access.
pkgs/python/[email protected]/conftest.py:95
    shard_total_raw = os.getenv("PYTEST_SHARD_TOTAL")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #2f73bd6df8f34908 Environment-variable access.
pkgs/python/[email protected]/conftest.py:96
    shard_index_raw = os.getenv("PYTEST_SHARD_INDEX")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #301c6e1aefef2407 Filesystem access.
pkgs/python/[email protected]/docs/_extensions/gallery_directive.py:82
            yaml_string = path_data.read_text()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #90ac56f43955ec61 Environment-variable access.
pkgs/python/[email protected]/docs/conf.py:256
html_baseurl = os.environ.get("READTHEDOCS_CANONICAL_URL", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #5f82bfee4ea393b7 Environment-variable access.
pkgs/python/[email protected]/docs/conf.py:259
if os.environ.get("READTHEDOCS", "") == "True":

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #aa87d6949a469811 Filesystem access.
pkgs/python/[email protected]/docs/create_api_rst.py:368
        with open(package_dir.parent / "pyproject.toml") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #e6b9e2a508bbe230 Filesystem access.
pkgs/python/[email protected]/docs/create_api_rst.py:410
    with open(HERE / "reference.md", "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #fff5c24dab3f02b0 Filesystem access.
pkgs/python/[email protected]/docs/create_api_rst.py:423
    with open(HERE / "index.md", "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #6efcc1ac86578a9a Filesystem access.
pkgs/python/[email protected]/docs/create_api_rst.py:433
        with open(HERE / name, "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #8530a4eaefe65701 Filesystem access.
pkgs/python/[email protected]/docs/scripts/custom_formatter.py:39
        with open(fn) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #ef798dfeef032d86 Filesystem access.
pkgs/python/[email protected]/docs/scripts/custom_formatter.py:42
        with open(fn, "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #d008673cbf448f10 Filesystem access.
pkgs/python/[email protected]/langsmith/_internal/_oauth_refresh_lock.py:45
    with open(meta, "w", encoding="utf-8") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #68fdc0f743cf61d1 Filesystem access.
pkgs/python/[email protected]/langsmith/_internal/_oauth_refresh_lock.py:52
        with open(os.path.join(lock_dir, _LOCK_METADATA_FILE), encoding="utf-8") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #46e1526f43364287 Filesystem access.
pkgs/python/[email protected]/langsmith/_internal/_operations.py:359
                    file = open(data_or_path, "rb")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #55e5432e49b7e633 Environment-variable access.
pkgs/python/[email protected]/langsmith/_internal/_profiles.py:69
    if config_file := os.environ.get("LANGSMITH_CONFIG_FILE"):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #2257018c13857ec4 Filesystem access.
pkgs/python/[email protected]/langsmith/_internal/_profiles.py:82
        raw = json.loads(path.read_text(encoding="utf-8"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #a0c41d22c5d6048e Environment-variable access.
pkgs/python/[email protected]/langsmith/_internal/_profiles.py:90
    profile_name = os.environ.get("LANGSMITH_PROFILE")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #b050ceaa8f49102f Filesystem access.
pkgs/python/[email protected]/langsmith/_internal/_profiles.py:217
        temp_path.write_text(json.dumps(config, indent=2) + "\n", encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #e7ec5ff0e800ba6b Filesystem access.
pkgs/python/[email protected]/langsmith/_internal/_profiles.py:301
            raw = json.loads(self._state.path.read_text(encoding="utf-8"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #d0d6d6b5e6fbf1aa Environment-variable access.
pkgs/python/[email protected]/langsmith/_internal/otel/_otel_client.py:77
    endpoint = os.environ.get("OTEL_EXPORTER_OTLP_ENDPOINT")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #5fa350d5dba6c78e Environment-variable access.
pkgs/python/[email protected]/langsmith/_internal/otel/_otel_client.py:84
    headers_env = os.environ.get("OTEL_EXPORTER_OTLP_HEADERS")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f3de8a5cf5c73a5e Environment-variable access.
pkgs/python/[email protected]/langsmith/_internal/otel/_otel_client.py:100
    service_name = os.environ.get("OTEL_SERVICE_NAME", "langsmith")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #2fad8be332cf3238 Environment-variable access.
pkgs/python/[email protected]/langsmith/_openapi_client/_client.py:97
            api_key = os.environ.get("LANGSMITH_API_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #d772fc518fa17e94 Environment-variable access.
pkgs/python/[email protected]/langsmith/_openapi_client/_client.py:101
            tenant_id = os.environ.get("LANGSMITH_TENANT_ID")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #0cce8cc513a834ee Environment-variable access.
pkgs/python/[email protected]/langsmith/_openapi_client/_client.py:105
            base_url = os.environ.get("LANGCHAIN_BASE_URL")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #0a151a9460780bdd Environment-variable access.
pkgs/python/[email protected]/langsmith/_openapi_client/_client.py:109
        custom_headers_env = os.environ.get("LANGCHAIN_CUSTOM_HEADERS")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #b0fb75951b15f818 Environment-variable access.
pkgs/python/[email protected]/langsmith/_openapi_client/_client.py:353
            api_key = os.environ.get("LANGSMITH_API_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #c45edb543d7eea91 Environment-variable access.
pkgs/python/[email protected]/langsmith/_openapi_client/_client.py:357
            tenant_id = os.environ.get("LANGSMITH_TENANT_ID")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #22f55861e2cf0b74 Environment-variable access.
pkgs/python/[email protected]/langsmith/_openapi_client/_client.py:361
            base_url = os.environ.get("LANGCHAIN_BASE_URL")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #b36e124b2cd7559e Environment-variable access.
pkgs/python/[email protected]/langsmith/_openapi_client/_client.py:365
        custom_headers_env = os.environ.get("LANGCHAIN_CUSTOM_HEADERS")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #48a804a2033ba3ac Filesystem access.
pkgs/python/[email protected]/langsmith/_openapi_client/_files.py:69
            return (path.name, path.read_bytes())

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #1c759955d9274637 Filesystem access.
pkgs/python/[email protected]/langsmith/_openapi_client/_files.py:81
        return pathlib.Path(file).read_bytes()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #d8e2ca392c629a72 Filesystem access.
pkgs/python/[email protected]/langsmith/_openapi_client/_files.py:111
            return (path.name, await path.read_bytes())

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #30ac6f67bf712def Filesystem access.
pkgs/python/[email protected]/langsmith/_openapi_client/_files.py:123
        return await anyio.Path(file).read_bytes()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #33cc3bfb2a399065 Environment-variable access.
pkgs/python/[email protected]/langsmith/_openapi_client/_models.py:120
            extra="allow", defer_build=coerce_boolean(os.environ.get("DEFER_PYDANTIC_BUILD", "true"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #c9eec50892367199 Filesystem access.
pkgs/python/[email protected]/langsmith/_openapi_client/_response.py:497
        with open(file, mode="wb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #c1e2f65be16e1010 Filesystem access.
pkgs/python/[email protected]/langsmith/_openapi_client/_response.py:539
        with open(file, mode="wb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #2edb4dee61625da0 Environment-variable access.
pkgs/python/[email protected]/langsmith/_openapi_client/_utils/_logs.py:17
    env = os.environ.get("LANGCHAIN_LOG")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #a54c34a5a727029f Filesystem access.
pkgs/python/[email protected]/langsmith/_openapi_client/_utils/_transform.py:248
            binary = data.read_bytes()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f61a7a7107371885 Filesystem access.
pkgs/python/[email protected]/langsmith/_openapi_client/_utils/_transform.py:414
            binary = await anyio.Path(data).read_bytes()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #28741c87484109cb Filesystem access.
pkgs/python/[email protected]/langsmith/_openapi_client/_utils/_utils.py:379
    contents = Path(path).read_bytes()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #2f39f53bca0dca72 Environment-variable access.
pkgs/python/[email protected]/langsmith/client.py:627
        value = os.environ.get(f"{namespace}_{name}")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #7b50cda5d27f3d23 Environment-variable access.
pkgs/python/[email protected]/langsmith/client.py:1145
            os.getenv("LANGSMITH_ENDPOINT") or os.getenv("LANGCHAIN_ENDPOINT")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #27f8793e86673939 Environment-variable access.
pkgs/python/[email protected]/langsmith/client.py:1146
        ) and os.getenv("LANGSMITH_RUNS_ENDPOINTS"):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #01e2da8d153e2772 Filesystem access.
pkgs/python/[email protected]/langsmith/client.py:1607
            temp_path.write_text(json.dumps(envelope))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #96241c1d8fbef38e Filesystem access.
pkgs/python/[email protected]/langsmith/client.py:2221
            with open(csv_file, "rb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #d2994b4a8e1bbd80 Filesystem access.
pkgs/python/[email protected]/langsmith/client.py:6139
                                file = open(attachment_data, "rb")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #fb1af658a780ca28 Filesystem access.
pkgs/python/[email protected]/langsmith/integrations/claude_agent_sdk/_usage.py:116
        with open(path) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #9bf9600ac744803a Filesystem access.
pkgs/python/[email protected]/langsmith/integrations/claude_agent_sdk/_usage.py:174
        with open(path) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #82a7e5ea430ec15b Environment-variable access.
pkgs/python/[email protected]/langsmith/integrations/google_adk/_client.py:55
    use_vertexai = os.environ.get("GOOGLE_GENAI_USE_VERTEXAI", "0").lower() in (

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #407bb72b34075d3a Filesystem access.
pkgs/python/[email protected]/langsmith/integrations/livekit/processor.py:388
            audio_bytes = audio_path.read_bytes()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f6601415e806f365 Filesystem access.
pkgs/python/[email protected]/langsmith/prompt_cache.py:229
            with open(temp_path, "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #5dc682f6fc3534eb Filesystem access.
pkgs/python/[email protected]/langsmith/prompt_cache.py:260
            with open(path) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #b57ba5b3224afb0e Environment-variable access.
pkgs/python/[email protected]/langsmith/pytest_plugin.py:306
        if os.environ.get("PYTEST_XDIST_TESTRUNUID"):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #1da3fe5810d16025 Environment-variable access.
pkgs/python/[email protected]/langsmith/run_trees.py:1267
    if parsed and (os.getenv("LANGSMITH_ENDPOINT") or os.getenv("LANGCHAIN_ENDPOINT")):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #183c2473c09bf748 Environment-variable access.
pkgs/python/[email protected]/langsmith/testing/_internal.py:427
    if os.environ.get("PYTEST_XDIST_TESTRUNUID") and importlib.util.find_spec("xdist"):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #9928168bdf7c19bd Environment-variable access.
pkgs/python/[email protected]/langsmith/testing/_internal.py:428
        id_name = test_suite_name + os.environ["PYTEST_XDIST_TESTRUNUID"]

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #05a58ad0b792ec94 Environment-variable access.
pkgs/python/[email protected]/langsmith/testing/_internal.py:433
    if os.environ.get("LANGSMITH_EXPERIMENT"):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #75e5ee9fb6a36c82 Environment-variable access.
pkgs/python/[email protected]/langsmith/testing/_internal.py:434
        prefix = os.environ["LANGSMITH_EXPERIMENT"]

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #db4988fabd1992fe Environment-variable access.
pkgs/python/[email protected]/langsmith/testing/_internal.py:942
        env_val = os.environ.get("LANGSMITH_EXPERIMENT_METADATA")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #6580f1f72a16a94c Environment-variable access.
pkgs/python/[email protected]/langsmith/utils.py:439
        value = os.environ.get(name)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #694c2b362a0a335a Environment-variable access.
pkgs/python/[email protected]/langsmith/utils.py:448
    return os.environ.get(

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #261385ac86fa49dd Environment-variable access.
pkgs/python/[email protected]/langsmith/utils.py:448
    return os.environ.get(
        # Hosted LangServe projects get precedence over all other defaults.
        # This is to make sure that we always use the associated project
        # for a hosted langserve deployment even if the customer sets some
        # other project name in their environment.
        "HOSTED_LANGSERVE_PROJECT_NAME",
        get_env_var(
            "PROJECT",
            # This is the legacy name for a LANGCHAIN_PROJECT, so it
            # has lower precedence than LANGCHAIN_PROJECT
            default=get_env_var(
                "SESSION", default="default" if return_default_value else None
            ),
        ),
    )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

firecrawl-py

python dependency
high pii_flow tooling reachable #809c5d2819434736 User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
pkgs/python/[email protected]/firecrawl/__tests__/e2e/v2/conftest.py:20 · flow /tmp/closeopen-uhn6nk5u/pkgs/python/[email protected]/firecrawl/__tests__/e2e/v2/conftest.py:10 → /tmp/closeopen-uhn6nk5u/pkgs/python/[email protected]/firecrawl/__tests__/e2e/v2/conftest.py:20
    resp = requests.post(idmux_url + "/", json=payload)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow dependency Excluded from app score #d133a9256c7e50b0 User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
pkgs/python/[email protected]/firecrawl/firecrawl.backup.py:687 · flow /tmp/closeopen-uhn6nk5u/pkgs/python/[email protected]/firecrawl/firecrawl.backup.py:689 → /tmp/closeopen-uhn6nk5u/pkgs/python/[email protected]/firecrawl/firecrawl.backup.py:687
        response = requests.post(
            f"{self.api_url}/v1/search",
            headers={"Authorization": f"Bearer {self.api_key}"},
            json=params_dict
        )

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow dependency Excluded from app score #e014103e5e27024a User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
pkgs/python/[email protected]/firecrawl/firecrawl.backup.py:1253 · flow /tmp/closeopen-uhn6nk5u/pkgs/python/[email protected]/firecrawl/firecrawl.backup.py:1255 → /tmp/closeopen-uhn6nk5u/pkgs/python/[email protected]/firecrawl/firecrawl.backup.py:1253
        response = requests.post(
            f"{self.api_url}/v1/map",
            headers={"Authorization": f"Bearer {self.api_key}"},
            json=params_dict
        )

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow dependency Excluded from app score #9ffafbd276e606d0 User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
pkgs/python/[email protected]/firecrawl/v1/client.py:765 · flow /tmp/closeopen-uhn6nk5u/pkgs/python/[email protected]/firecrawl/v1/client.py:767 → /tmp/closeopen-uhn6nk5u/pkgs/python/[email protected]/firecrawl/v1/client.py:765
        response = requests.post(
            f"{self.api_url}/v1/search",
            headers={"Authorization": f"Bearer {self.api_key}"},
            json=params_dict
        )

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow dependency Excluded from app score #3a3f6b987d5cf3b5 User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
pkgs/python/[email protected]/firecrawl/v1/client.py:1418 · flow /tmp/closeopen-uhn6nk5u/pkgs/python/[email protected]/firecrawl/v1/client.py:1420 → /tmp/closeopen-uhn6nk5u/pkgs/python/[email protected]/firecrawl/v1/client.py:1418
        response = requests.post(
            f"{self.api_url}/v1/map",
            headers={"Authorization": f"Bearer {self.api_key}"},
            json=params_dict
        )

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

expand_more 115 low-confidence finding(s)
low env_fs dependency Excluded from app score #e0ef89bd11dc5773 Environment-variable access.
pkgs/python/[email protected]/firecrawl/__init__.py:52
    if not (env := os.getenv("FIRECRAWL_LOGGING_LEVEL", "").upper()):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #72112a882dce0ad8 Environment-variable access.
pkgs/python/[email protected]/firecrawl/__tests__/e2e/v2/aio/conftest.py:38
    missing_vars = [var for var in required_vars if not os.getenv(var)]

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #361aaa1a03297fa4 Environment-variable access.
pkgs/python/[email protected]/firecrawl/__tests__/e2e/v2/aio/conftest.py:49
    key = os.getenv("API_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #e5e78c3fe7914fa9 Environment-variable access.
pkgs/python/[email protected]/firecrawl/__tests__/e2e/v2/aio/conftest.py:58
    url = os.getenv("API_URL")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #c1584b1697831e9c Environment-variable access.
pkgs/python/[email protected]/firecrawl/__tests__/e2e/v2/aio/test_aio_crawl.py:11
if not os.getenv("API_KEY"):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #64118213b0031e35 Environment-variable access.
pkgs/python/[email protected]/firecrawl/__tests__/e2e/v2/aio/test_aio_crawl.py:14
if not os.getenv("API_URL"):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #8a04e4d9c3da0572 Environment-variable access.
pkgs/python/[email protected]/firecrawl/__tests__/e2e/v2/aio/test_aio_crawl.py:20
    client = AsyncFirecrawl(api_key=os.getenv("API_KEY"), api_url=os.getenv("API_URL"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #87e7d3bd3cd13f38 Environment-variable access.
pkgs/python/[email protected]/firecrawl/__tests__/e2e/v2/aio/test_aio_crawl.py:35
    client = AsyncFirecrawl(api_key=os.getenv("API_KEY"), api_url=os.getenv("API_URL"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #5c66972f1a42c9b5 Environment-variable access.
pkgs/python/[email protected]/firecrawl/__tests__/e2e/v2/aio/test_aio_crawl.py:80
    client = AsyncFirecrawl(api_key=os.getenv("API_KEY"), api_url=os.getenv("API_URL"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #52f2acffcb6410d4 Environment-variable access.
pkgs/python/[email protected]/firecrawl/__tests__/e2e/v2/aio/test_aio_crawl.py:87
    client = AsyncFirecrawl(api_key=os.getenv("API_KEY"), api_url=os.getenv("API_URL"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #0c99b66f4d8611e9 Environment-variable access.
pkgs/python/[email protected]/firecrawl/__tests__/e2e/v2/aio/test_aio_crawl.py:94
    client = AsyncFirecrawl(api_key=os.getenv("API_KEY"), api_url=os.getenv("API_URL"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #52e659ba40519eb9 Environment-variable access.
pkgs/python/[email protected]/firecrawl/__tests__/e2e/v2/aio/test_aio_crawl.py:105
    client = AsyncFirecrawl(api_key=os.getenv("API_KEY"), api_url=os.getenv("API_URL"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #df11549a9bd36f06 Environment-variable access.
pkgs/python/[email protected]/firecrawl/__tests__/e2e/v2/aio/test_aio_crawl.py:113
    client = AsyncFirecrawl(api_key=os.getenv("API_KEY"), api_url=os.getenv("API_URL"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #77cddb7c44b31fb3 Environment-variable access.
pkgs/python/[email protected]/firecrawl/__tests__/e2e/v2/aio/test_aio_crawl.py:121
    client = AsyncFirecrawl(api_key=os.getenv("API_KEY"), api_url=os.getenv("API_URL"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #5e51f285e6805586 Environment-variable access.
pkgs/python/[email protected]/firecrawl/__tests__/e2e/v2/aio/test_aio_crawl.py:129
    client = AsyncFirecrawl(api_key=os.getenv("API_KEY"), api_url=os.getenv("API_URL"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #ec499e01aeec4207 Environment-variable access.
pkgs/python/[email protected]/firecrawl/__tests__/e2e/v2/aio/test_aio_crawl.py:138
    client = AsyncFirecrawl(api_key=os.getenv("API_KEY"), api_url=os.getenv("API_URL"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #9065a5467b6902f5 Environment-variable access.
pkgs/python/[email protected]/firecrawl/__tests__/e2e/v2/aio/test_aio_crawl.py:146
    client = AsyncFirecrawl(api_key=os.getenv("API_KEY"), api_url=os.getenv("API_URL"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #44064506848adf2e Environment-variable access.
pkgs/python/[email protected]/firecrawl/__tests__/e2e/v2/aio/test_aio_crawl.py:156
    client = AsyncFirecrawl(api_key=os.getenv("API_KEY"), api_url=os.getenv("API_URL"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #6380111e92904754 Environment-variable access.
pkgs/python/[email protected]/firecrawl/__tests__/e2e/v2/aio/test_aio_crawl.py:163
    client = AsyncFirecrawl(api_key=os.getenv("API_KEY"), api_url=os.getenv("API_URL"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #7e564a3786ab34ab Environment-variable access.
pkgs/python/[email protected]/firecrawl/__tests__/e2e/v2/aio/test_aio_crawl.py:175
    client = AsyncFirecrawl(api_key=os.getenv("API_KEY"), api_url=os.getenv("API_URL"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #c02fa1f293705130 Environment-variable access.
pkgs/python/[email protected]/firecrawl/__tests__/e2e/v2/aio/test_aio_extract.py:9
if not os.getenv("API_KEY"):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #0023397753eb2c0d Environment-variable access.
pkgs/python/[email protected]/firecrawl/__tests__/e2e/v2/aio/test_aio_extract.py:12
if not os.getenv("API_URL"):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #ceee274613619df4 Environment-variable access.
pkgs/python/[email protected]/firecrawl/__tests__/e2e/v2/aio/test_aio_extract.py:18
    client = AsyncFirecrawl(api_key=os.getenv("API_KEY"), api_url=os.getenv("API_URL"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #0df98fbed41fb3ec Environment-variable access.
pkgs/python/[email protected]/firecrawl/__tests__/e2e/v2/aio/test_aio_extract.py:25
    client = AsyncFirecrawl(api_key=os.getenv("API_KEY"), api_url=os.getenv("API_URL"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #ebc18972b764a81d Environment-variable access.
pkgs/python/[email protected]/firecrawl/__tests__/e2e/v2/aio/test_aio_map.py:9
if not os.getenv("API_KEY"):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #5ae5eb023ef7fb4a Environment-variable access.
pkgs/python/[email protected]/firecrawl/__tests__/e2e/v2/aio/test_aio_map.py:12
if not os.getenv("API_URL"):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #8dac3e3696755caf Environment-variable access.
pkgs/python/[email protected]/firecrawl/__tests__/e2e/v2/aio/test_aio_map.py:18
    client = AsyncFirecrawl(api_key=os.getenv("API_KEY"), api_url=os.getenv("API_URL"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #e8a1e54ce2fc1b87 Environment-variable access.
pkgs/python/[email protected]/firecrawl/__tests__/e2e/v2/aio/test_aio_map.py:29
    client = AsyncFirecrawl(api_key=os.getenv("API_KEY"), api_url=os.getenv("API_URL"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #24fade1aab4968c8 Environment-variable access.
pkgs/python/[email protected]/firecrawl/__tests__/e2e/v2/aio/test_aio_parse.py:8
API_KEY = (os.getenv("API_KEY") or "").strip()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #7eb985b53af8d019 Environment-variable access.
pkgs/python/[email protected]/firecrawl/__tests__/e2e/v2/aio/test_aio_parse.py:9
API_URL = (os.getenv("API_URL") or "").strip()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #db82d3d573193e9e Environment-variable access.
pkgs/python/[email protected]/firecrawl/__tests__/e2e/v2/aio/test_aio_scrape.py:10
if not os.getenv("API_KEY"):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #2f97623b7c95f6f2 Environment-variable access.
pkgs/python/[email protected]/firecrawl/__tests__/e2e/v2/aio/test_aio_scrape.py:13
if not os.getenv("API_URL"):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #6c7820b43774069f Environment-variable access.
pkgs/python/[email protected]/firecrawl/__tests__/e2e/v2/aio/test_aio_scrape.py:19
    client = AsyncFirecrawl(api_key=os.getenv("API_KEY"), api_url=os.getenv("API_URL"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #1e6fa214bb0ce40a Environment-variable access.
pkgs/python/[email protected]/firecrawl/__tests__/e2e/v2/aio/test_aio_scrape.py:35
    client = AsyncFirecrawl(api_key=os.getenv("API_KEY"), api_url=os.getenv("API_URL"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #334bf210c686da0a Environment-variable access.
pkgs/python/[email protected]/firecrawl/__tests__/e2e/v2/aio/test_aio_scrape.py:74
    client = AsyncFirecrawl(api_key=os.getenv("API_KEY"), api_url=os.getenv("API_URL"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #3592e4f01b7ddf60 Environment-variable access.
pkgs/python/[email protected]/firecrawl/__tests__/e2e/v2/aio/test_aio_scrape.py:86
    client = AsyncFirecrawl(api_key=os.getenv("API_KEY"), api_url=os.getenv("API_URL"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #07cc7cbef0548f62 Environment-variable access.
pkgs/python/[email protected]/firecrawl/__tests__/e2e/v2/aio/test_aio_scrape.py:104
    client = AsyncFirecrawl(api_key=os.getenv("API_KEY"), api_url=os.getenv("API_URL"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #fea1bdc3897d2cf2 Environment-variable access.
pkgs/python/[email protected]/firecrawl/__tests__/e2e/v2/aio/test_aio_scrape.py:123
    client = AsyncFirecrawl(api_key=os.getenv("API_KEY"), api_url=os.getenv("API_URL"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #4a1c0b5014999c3c Environment-variable access.
pkgs/python/[email protected]/firecrawl/__tests__/e2e/v2/aio/test_aio_scrape.py:135
    client = AsyncFirecrawl(api_key=os.getenv("API_KEY"), api_url=os.getenv("API_URL"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #5a467fa91140b40c Environment-variable access.
pkgs/python/[email protected]/firecrawl/__tests__/e2e/v2/aio/test_aio_search.py:17
firecrawl = AsyncFirecrawl(api_key=os.getenv("API_KEY"), api_url=os.getenv("API_URL"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #42d149200ac0cab1 Environment-variable access.
pkgs/python/[email protected]/firecrawl/__tests__/e2e/v2/aio/test_aio_usage.py:9
if not os.getenv("API_KEY"):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #22169776912d8bb9 Environment-variable access.
pkgs/python/[email protected]/firecrawl/__tests__/e2e/v2/aio/test_aio_usage.py:12
if not os.getenv("API_URL"):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #ae09beac25837f6c Environment-variable access.
pkgs/python/[email protected]/firecrawl/__tests__/e2e/v2/aio/test_aio_usage.py:18
    client = AsyncFirecrawl(api_key=os.getenv("API_KEY"), api_url=os.getenv("API_URL"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #be1db4540ecea336 Environment-variable access.
pkgs/python/[email protected]/firecrawl/__tests__/e2e/v2/aio/test_aio_usage.py:25
    client = AsyncFirecrawl(api_key=os.getenv("API_KEY"), api_url=os.getenv("API_URL"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #8d05c68defb2d8b6 Environment-variable access.
pkgs/python/[email protected]/firecrawl/__tests__/e2e/v2/aio/test_aio_usage.py:32
    client = AsyncFirecrawl(api_key=os.getenv("API_KEY"), api_url=os.getenv("API_URL"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #5b7a54d76b41e6d7 Environment-variable access.
pkgs/python/[email protected]/firecrawl/__tests__/e2e/v2/aio/test_aio_usage.py:39
    client = AsyncFirecrawl(api_key=os.getenv("API_KEY"), api_url=os.getenv("API_URL"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #f5083bddee203b25 Environment-variable access.
pkgs/python/[email protected]/firecrawl/__tests__/e2e/v2/aio/test_aio_watcher.py:11
if not os.getenv("API_KEY"):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #aa236d449268b3e4 Environment-variable access.
pkgs/python/[email protected]/firecrawl/__tests__/e2e/v2/aio/test_aio_watcher.py:14
if not os.getenv("API_URL"):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #5090d8d48f07c810 Environment-variable access.
pkgs/python/[email protected]/firecrawl/__tests__/e2e/v2/aio/test_aio_watcher.py:20
    client = AsyncFirecrawl(api_key=os.getenv("API_KEY"), api_url=os.getenv("API_URL"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #3bf1953601655356 Environment-variable access.
pkgs/python/[email protected]/firecrawl/__tests__/e2e/v2/aio/test_aio_watcher.py:32
    client = AsyncFirecrawl(api_key=os.getenv("API_KEY"), api_url=os.getenv("API_URL"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #fb1e3769cfb4c77e Environment-variable access.
pkgs/python/[email protected]/firecrawl/__tests__/e2e/v2/conftest.py:10
    idmux_url = os.getenv("IDMUX_URL")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #e1802f2ce7685a8e Environment-variable access.
pkgs/python/[email protected]/firecrawl/__tests__/e2e/v2/conftest.py:13
    run_number = int(os.getenv("GITHUB_RUN_NUMBER") or 0)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #2dcbfdab403a9284 Environment-variable access.
pkgs/python/[email protected]/firecrawl/__tests__/e2e/v2/conftest.py:15
        "refName": os.getenv("GITHUB_REF_NAME") or "local",

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #f01c42e2103d979c Environment-variable access.
pkgs/python/[email protected]/firecrawl/__tests__/e2e/v2/conftest.py:28
        os.getenv("TEST_URL")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #b7bc940cf3554f93 Environment-variable access.
pkgs/python/[email protected]/firecrawl/__tests__/e2e/v2/conftest.py:29
        or os.getenv("FIRECRAWL_API_URL")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #563645ba58f41455 Environment-variable access.
pkgs/python/[email protected]/firecrawl/__tests__/e2e/v2/conftest.py:30
        or os.getenv("API_URL")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #7bf8ed53ec80e356 Environment-variable access.
pkgs/python/[email protected]/firecrawl/__tests__/e2e/v2/conftest.py:37
    os.getenv("TEST_URL")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #cb4e3538e32b8556 Environment-variable access.
pkgs/python/[email protected]/firecrawl/__tests__/e2e/v2/conftest.py:38
    or os.getenv("FIRECRAWL_API_URL")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #f4914211a1690d58 Environment-variable access.
pkgs/python/[email protected]/firecrawl/__tests__/e2e/v2/conftest.py:39
    or os.getenv("API_URL")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #3cd261bcf208685a Environment-variable access.
pkgs/python/[email protected]/firecrawl/__tests__/e2e/v2/conftest.py:43
_IDMUX_URL = os.getenv("IDMUX_URL")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #2bfe5071ba59a638 Environment-variable access.
pkgs/python/[email protected]/firecrawl/__tests__/e2e/v2/conftest.py:45
    run_name = os.getenv("PYTEST_RUN_NAME") or "py-e2e"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #f12e13e2e5220a2a Environment-variable access.
pkgs/python/[email protected]/firecrawl/__tests__/e2e/v2/conftest.py:48
    os.environ["API_KEY"] = _IDENTITY.get("apiKey", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #12633d62a5b453f1 Environment-variable access.
pkgs/python/[email protected]/firecrawl/__tests__/e2e/v2/conftest.py:49
    os.environ["API_URL"] = _API_URL

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #21addbc294dccbb6 Environment-variable access.
pkgs/python/[email protected]/firecrawl/__tests__/e2e/v2/conftest.py:53
    return _IDENTITY or {"apiKey": os.getenv("API_KEY") or "", "teamId": os.getenv("TEST_TEAM_ID") or os.getenv("TEAM_ID") or ""}

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #0ea539ff272d5f4b Environment-variable access.
pkgs/python/[email protected]/firecrawl/__tests__/e2e/v2/test_async.py:12
if not os.getenv("API_KEY"):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #ccb4ed3ae067d484 Environment-variable access.
pkgs/python/[email protected]/firecrawl/__tests__/e2e/v2/test_async.py:15
if not os.getenv("API_URL"):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #45b4a28b5d7c3893 Environment-variable access.
pkgs/python/[email protected]/firecrawl/__tests__/e2e/v2/test_async.py:21
    client = AsyncFirecrawl(api_key=os.getenv("API_KEY"), api_url=os.getenv("API_URL"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #bfd65d4539c000be Environment-variable access.
pkgs/python/[email protected]/firecrawl/__tests__/e2e/v2/test_async.py:30
    client = AsyncFirecrawl(api_key=os.getenv("API_KEY"), api_url=os.getenv("API_URL"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #f001d97a67156745 Environment-variable access.
pkgs/python/[email protected]/firecrawl/__tests__/e2e/v2/test_async.py:46
    client = AsyncFirecrawl(api_key=os.getenv("API_KEY"), api_url=os.getenv("API_URL"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #7325c5aa91ca521b Environment-variable access.
pkgs/python/[email protected]/firecrawl/__tests__/e2e/v2/test_async.py:64
    client = AsyncFirecrawl(api_key=os.getenv("API_KEY"), api_url=os.getenv("API_URL"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #a57956cc306536f4 Environment-variable access.
pkgs/python/[email protected]/firecrawl/__tests__/e2e/v2/test_batch_scrape.py:10
if not os.getenv("API_KEY"):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #ec2403f47a5aa416 Environment-variable access.
pkgs/python/[email protected]/firecrawl/__tests__/e2e/v2/test_batch_scrape.py:13
if not os.getenv("API_URL"):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #142e94ab3fbe9d2b Environment-variable access.
pkgs/python/[email protected]/firecrawl/__tests__/e2e/v2/test_batch_scrape.py:21
        self.client = Firecrawl(api_key=os.getenv("API_KEY"), api_url=os.getenv("API_URL"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #04603577dc095594 Environment-variable access.
pkgs/python/[email protected]/firecrawl/__tests__/e2e/v2/test_crawl.py:10
if not os.getenv("API_KEY"):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #162b0684e94900da Environment-variable access.
pkgs/python/[email protected]/firecrawl/__tests__/e2e/v2/test_crawl.py:13
if not os.getenv("API_URL"):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #f7b4883fc6db0b8c Environment-variable access.
pkgs/python/[email protected]/firecrawl/__tests__/e2e/v2/test_crawl.py:21
        self.client = Firecrawl(api_key=os.getenv("API_KEY"), api_url=os.getenv("API_URL"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #9340d7e264b22ba6 Environment-variable access.
pkgs/python/[email protected]/firecrawl/__tests__/e2e/v2/test_extract.py:7
if not os.getenv("API_KEY"):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #6f2f3ddb596ee417 Environment-variable access.
pkgs/python/[email protected]/firecrawl/__tests__/e2e/v2/test_extract.py:10
if not os.getenv("API_URL"):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #2dee31f7cd8a4964 Environment-variable access.
pkgs/python/[email protected]/firecrawl/__tests__/e2e/v2/test_extract.py:18
        self.client = Firecrawl(api_key=os.getenv("API_KEY"), api_url=os.getenv("API_URL"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #077af0593e45a78a Environment-variable access.
pkgs/python/[email protected]/firecrawl/__tests__/e2e/v2/test_map.py:8
if not os.getenv("API_KEY"):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #55ebbbecc40f5779 Environment-variable access.
pkgs/python/[email protected]/firecrawl/__tests__/e2e/v2/test_map.py:11
if not os.getenv("API_URL"):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #9eb75563cdba70d7 Environment-variable access.
pkgs/python/[email protected]/firecrawl/__tests__/e2e/v2/test_map.py:22
        self.client = Firecrawl(api_key=os.getenv("API_KEY"), api_url=os.getenv("API_URL"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #828b3a6a4c3c2119 Environment-variable access.
pkgs/python/[email protected]/firecrawl/__tests__/e2e/v2/test_parse.py:8
API_KEY = (os.getenv("API_KEY") or "").strip()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #e3f7ebeba24d97fd Environment-variable access.
pkgs/python/[email protected]/firecrawl/__tests__/e2e/v2/test_parse.py:9
API_URL = (os.getenv("API_URL") or "").strip()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #92d5b0d2e8625bcb Environment-variable access.
pkgs/python/[email protected]/firecrawl/__tests__/e2e/v2/test_scrape.py:11
if not os.getenv("API_KEY"):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #47813f33444f29e0 Environment-variable access.
pkgs/python/[email protected]/firecrawl/__tests__/e2e/v2/test_scrape.py:14
if not os.getenv("API_URL"):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #e375abc1a59a7ce4 Environment-variable access.
pkgs/python/[email protected]/firecrawl/__tests__/e2e/v2/test_scrape.py:22
        self.client = Firecrawl(api_key=os.getenv("API_KEY"), api_url=os.getenv("API_URL"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #fec102a30b5a6962 Environment-variable access.
pkgs/python/[email protected]/firecrawl/__tests__/e2e/v2/test_search.py:8
firecrawl = Firecrawl(api_key=os.getenv("API_KEY"), api_url=os.getenv("API_URL"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #efd4b22a40f17b62 Environment-variable access.
pkgs/python/[email protected]/firecrawl/__tests__/e2e/v2/test_usage.py:11
        self.client = Firecrawl(api_key=os.getenv("API_KEY"), api_url=os.getenv("API_URL"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #fa59b0504de8ef6d Environment-variable access.
pkgs/python/[email protected]/firecrawl/__tests__/e2e/v2/test_watcher.py:8
if not os.getenv("API_KEY"):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #2889b6c9b2f3de91 Environment-variable access.
pkgs/python/[email protected]/firecrawl/__tests__/e2e/v2/test_watcher.py:11
if not os.getenv("API_URL"):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #b0d2a18409c5cadb Environment-variable access.
pkgs/python/[email protected]/firecrawl/__tests__/e2e/v2/test_watcher.py:18
        self.client = Firecrawl(api_key=os.getenv("API_KEY"), api_url=os.getenv("API_URL"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #0a52ed1cca9fc957 Environment-variable access.
pkgs/python/[email protected]/firecrawl/__tests__/unit/test_recursive_schema_v1.py:14
        self.app = V1FirecrawlApp(api_key=os.environ.get('TEST_API_KEY', 'test-key'))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #2010ffa40ace1a92 Environment-variable access.
pkgs/python/[email protected]/firecrawl/__tests__/unit/test_recursive_schema_v1.py:96
        self.app = V1FirecrawlApp(api_key=os.environ.get('TEST_API_KEY', 'test-key'))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #d17b374673b7744f Environment-variable access.
pkgs/python/[email protected]/firecrawl/__tests__/unit/test_recursive_schema_v1.py:169
        self.app = V1FirecrawlApp(api_key=os.environ.get('TEST_API_KEY', 'test-key'))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #7868b77686a9f1d3 Environment-variable access.
pkgs/python/[email protected]/firecrawl/__tests__/unit/test_recursive_schema_v1.py:306
        self.app = V1FirecrawlApp(api_key=os.environ.get('TEST_API_KEY', 'test-key'))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #74f4f92352f09cd7 Environment-variable access.
pkgs/python/[email protected]/firecrawl/__tests__/unit/test_recursive_schema_v1.py:434
        self.app = V1FirecrawlApp(api_key=os.environ.get('TEST_API_KEY', 'test-key'))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #1263a89e4ed75d60 Environment-variable access.
pkgs/python/[email protected]/firecrawl/__tests__/unit/test_recursive_schema_v1.py:523
        self.app = V1FirecrawlApp(api_key=os.environ.get('TEST_API_KEY', 'test-key'))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #1153a5530cdabce9 Environment-variable access.
pkgs/python/[email protected]/firecrawl/__tests__/unit/test_recursive_schema_v1.py:594
        self.app = V1FirecrawlApp(api_key=os.environ.get('TEST_API_KEY', 'test-key'))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #b395ae75a0cf6bef Environment-variable access.
pkgs/python/[email protected]/firecrawl/__tests__/unit/test_recursive_schema_v1.py:638
        self.app = V1FirecrawlApp(api_key=os.environ.get('TEST_API_KEY', 'test-key'))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #b2af330bbc9ec3e1 Environment-variable access.
pkgs/python/[email protected]/firecrawl/__tests__/unit/test_recursive_schema_v1.py:750
        self.app = V1FirecrawlApp(api_key=os.environ.get('TEST_API_KEY', 'test-key'))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #9ea10c950958d88c Environment-variable access.
pkgs/python/[email protected]/firecrawl/__tests__/unit/test_recursive_schema_v1.py:839
        self.app = V1FirecrawlApp(api_key=os.environ.get('TEST_API_KEY', 'test-key'))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #e144563b4aee33ec Filesystem access.
pkgs/python/[email protected]/firecrawl/__tests__/unit/v2/methods/test_parse_request_preparation.py:41
        file_path.write_text("<html><body>Path Upload</body></html>")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f3c6306602fc8bc5 Filesystem access.
pkgs/python/[email protected]/firecrawl/firecrawl.backup.py:32
      version_file = Path(os.path.join(package_path, '__init__.py')).read_text()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #cf875166e2900b6a Environment-variable access.
pkgs/python/[email protected]/firecrawl/firecrawl.backup.py:447
        self.api_key = api_key or os.getenv('FIRECRAWL_API_KEY')

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #3a06620e26122dce Environment-variable access.
pkgs/python/[email protected]/firecrawl/firecrawl.backup.py:448
        self.api_url = api_url or os.getenv('FIRECRAWL_API_URL', 'https://api.firecrawl.dev')

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #1014de30d4f3037a Filesystem access.
pkgs/python/[email protected]/firecrawl/v1/client.py:33
      version_file = Path(os.path.join(package_path, '__init__.py')).read_text()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #720377f890077d35 Environment-variable access.
pkgs/python/[email protected]/firecrawl/v1/client.py:529
        self.api_key = api_key or os.getenv('FIRECRAWL_API_KEY')

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #e7e51457cd3889af Environment-variable access.
pkgs/python/[email protected]/firecrawl/v1/client.py:530
        self.api_url = api_url or os.getenv('FIRECRAWL_API_URL', 'https://api.firecrawl.dev')

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #02dabb16a996de1e Environment-variable access.
pkgs/python/[email protected]/firecrawl/v2/client.py:115
            api_key = os.getenv("FIRECRAWL_API_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #1f5cd98a5280da5a Environment-variable access.
pkgs/python/[email protected]/firecrawl/v2/client_async.py:83
            api_key = os.getenv("FIRECRAWL_API_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #2b0eb34d54275961 Filesystem access.
pkgs/python/[email protected]/firecrawl/v2/methods/parse.py:91
        file_bytes = file_path.read_bytes()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #de66aa760449f5d3 Filesystem access.
pkgs/python/[email protected]/firecrawl/v2/utils/get_version.py:8
        version_file = (package_path / "__init__.py").read_text()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #35b59d978ad94f86 Filesystem access.
pkgs/python/[email protected]/setup.py:7
long_description_content = (this_directory / "README.md").read_text()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #44203b9beaa90b97 Filesystem access.
pkgs/python/[email protected]/setup.py:12
    version_file = (this_directory / "firecrawl" / "__init__.py").read_text()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

langchain-milvus

python dependency
high pii_flow dependency Excluded from app score #cb8fe5971cc0f907 User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
pkgs/python/[email protected]/langchain_milvus/retrievers/zilliz_cloud_pipeline_retriever.py:79 · flow /tmp/closeopen-uhn6nk5u/pkgs/python/[email protected]/langchain_milvus/retrievers/zilliz_cloud_pipeline_retriever.py:63 → /tmp/closeopen-uhn6nk5u/pkgs/python/[email protected]/langchain_milvus/retrievers/zilliz_cloud_pipeline_retriever.py:79
        response = requests.post(url, headers=headers, json=params)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow dependency Excluded from app score #f999b5cc24c95fde User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
pkgs/python/[email protected]/langchain_milvus/retrievers/zilliz_cloud_pipeline_retriever.py:131 · flow /tmp/closeopen-uhn6nk5u/pkgs/python/[email protected]/langchain_milvus/retrievers/zilliz_cloud_pipeline_retriever.py:121 → /tmp/closeopen-uhn6nk5u/pkgs/python/[email protected]/langchain_milvus/retrievers/zilliz_cloud_pipeline_retriever.py:131
        response = requests.post(url, headers=headers, json=params)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow dependency Excluded from app score #22295e8344de8831 User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
pkgs/python/[email protected]/langchain_milvus/retrievers/zilliz_cloud_pipeline_retriever.py:174 · flow /tmp/closeopen-uhn6nk5u/pkgs/python/[email protected]/langchain_milvus/retrievers/zilliz_cloud_pipeline_retriever.py:164 → /tmp/closeopen-uhn6nk5u/pkgs/python/[email protected]/langchain_milvus/retrievers/zilliz_cloud_pipeline_retriever.py:174
        response = requests.post(url, headers=headers, json=params)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow dependency Excluded from app score #396caec15e2953f3 User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
pkgs/python/[email protected]/langchain_milvus/retrievers/zilliz_cloud_pipeline_retriever.py:210 · flow /tmp/closeopen-uhn6nk5u/pkgs/python/[email protected]/langchain_milvus/retrievers/zilliz_cloud_pipeline_retriever.py:202 → /tmp/closeopen-uhn6nk5u/pkgs/python/[email protected]/langchain_milvus/retrievers/zilliz_cloud_pipeline_retriever.py:210
        response = requests.post(url, headers=headers, json=params)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

assemblyai

python dependency
high pii_flow dependency Excluded from app score #53ad0708abcb8ba6 User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
pkgs/python/[email protected]/assemblyai/client.py:56 · flow /tmp/closeopen-uhn6nk5u/pkgs/python/[email protected]/assemblyai/client.py:39 → /tmp/closeopen-uhn6nk5u/pkgs/python/[email protected]/assemblyai/client.py:56
        self._http_client = httpx.Client(
            base_url=self.settings.base_url,
            headers=headers,
            timeout=self.settings.http_timeout,
            limits=limits,
            event_hooks={"response": [_store_response]},
        )

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow dependency Excluded from app score #a8de916a909b3893 User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
pkgs/python/[email protected]/assemblyai/streaming/v3/async_client.py:520 · flow /tmp/closeopen-uhn6nk5u/pkgs/python/[email protected]/assemblyai/streaming/v3/async_client.py:517 → /tmp/closeopen-uhn6nk5u/pkgs/python/[email protected]/assemblyai/streaming/v3/async_client.py:520
            self._http_client = httpx.AsyncClient(
                base_url="https://" + self._api_host,
                headers=headers,
            )

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow dependency Excluded from app score #76324521f7997dee User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
pkgs/python/[email protected]/assemblyai/streaming/v3/client.py:382 · flow /tmp/closeopen-uhn6nk5u/pkgs/python/[email protected]/assemblyai/streaming/v3/client.py:377 → /tmp/closeopen-uhn6nk5u/pkgs/python/[email protected]/assemblyai/streaming/v3/client.py:382
        self._http_client = httpx.Client(
            base_url="https://" + api_host,
            headers=headers,
        )

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

expand_more 6 low-confidence finding(s)
low env_fs dependency Excluded from app score #c60c91fe01337c0a Filesystem access.
pkgs/python/[email protected]/assemblyai/extras.py:102
    with open(filepath, "rb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #5dc2dc8fc0f541b6 Filesystem access.
pkgs/python/[email protected]/assemblyai/sync/v1/_base.py:44
        with open(path, "rb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #8227263fcc090364 Filesystem access.
pkgs/python/[email protected]/assemblyai/transcriber.py:210
            with open(filepath, "wb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #4117bab0e9db880b Filesystem access.
pkgs/python/[email protected]/assemblyai/transcriber.py:868
            with open(data, "rb") as audio_file:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #1a59e4d8e27b02fe Filesystem access.
pkgs/python/[email protected]/setup.py:5
long_description = (Path(__file__).parent / "README.md").read_text()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #451496bad515ce68 Filesystem access.
pkgs/python/[email protected]/setup.py:10
    with open(Path(__file__).parent / "assemblyai" / "__version__.py") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

transformers

python dependency
high pii_flow dependency Excluded from app score #fc23e37f3a838275 User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
pkgs/python/[email protected]/src/transformers/integrations/integration_utils.py:2561 · flow /tmp/closeopen-uhn6nk5u/pkgs/python/[email protected]/src/transformers/integrations/integration_utils.py:2534 → /tmp/closeopen-uhn6nk5u/pkgs/python/[email protected]/src/transformers/integrations/integration_utils.py:2561
            req = urllib.request.Request(url, data=data, headers=headers, method="POST")

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow dependency Excluded from app score #65d1f5194bb6b60d User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
pkgs/python/[email protected]/src/transformers/integrations/integration_utils.py:2562 · flow /tmp/closeopen-uhn6nk5u/pkgs/python/[email protected]/src/transformers/integrations/integration_utils.py:2534 → /tmp/closeopen-uhn6nk5u/pkgs/python/[email protected]/src/transformers/integrations/integration_utils.py:2562
            with urllib.request.urlopen(req, timeout=5, context=self._get_ssl_context()) as resp:

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow dependency Excluded from app score #90974ec96d64b47b User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
pkgs/python/[email protected]/src/transformers/utils/hub.py:178 · flow /tmp/closeopen-uhn6nk5u/pkgs/python/[email protected]/src/transformers/utils/hub.py:178 → /tmp/closeopen-uhn6nk5u/pkgs/python/[email protected]/src/transformers/utils/hub.py:178
        instance_data = httpx.get(os.environ["ECS_CONTAINER_METADATA_URI"]).json()

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

expand_more 382 low-confidence finding(s)
low env_fs dependency Excluded from app score #1b64f6dd40bd5eab Filesystem access.
pkgs/python/[email protected]/setup.py:311
        with open(target, "w", encoding="utf-8", newline="\n") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #0f9c6c450cc8480b Filesystem access.
pkgs/python/[email protected]/setup.py:331
        long_description=open("README.md", "r", encoding="utf-8").read(),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #52bef967b43f4e18 Filesystem access.
pkgs/python/[email protected]/src/transformers/audio_utils.py:320
            with open(audio, "rb") as audio_file:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #8090669a4f4347bf Filesystem access.
pkgs/python/[email protected]/src/transformers/cli/add_new_model_like.py:176
    with open(file_name, "r", encoding="utf-8") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #a8736f77802fab1c Filesystem access.
pkgs/python/[email protected]/src/transformers/cli/add_new_model_like.py:182
    with open(file_name, "w", encoding="utf-8") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #a2c824a61516e543 Filesystem access.
pkgs/python/[email protected]/src/transformers/cli/add_new_model_like.py:228
    autofile = (repo_path / "src" / "transformers" / "models" / "auto" / "auto_mappings.py").read_text()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #b74ca74de16ce8fb Filesystem access.
pkgs/python/[email protected]/src/transformers/cli/add_new_model_like.py:246
                file = (repo_path / "src" / "transformers" / "models" / "auto" / filename).read_text()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #1142d8821b6a979a Filesystem access.
pkgs/python/[email protected]/src/transformers/cli/add_new_model_like.py:333
    with open(toc_file, "r") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #10a5435aea4ecbc6 Filesystem access.
pkgs/python/[email protected]/src/transformers/cli/add_new_model_like.py:392
    with open(module_name, "r", encoding="utf-8") as file:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #98f73d2f2a5c04ca Filesystem access.
pkgs/python/[email protected]/src/transformers/cli/add_new_model_like.py:517
            with open(original_test_path, "r") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #5d188be98fac4b67 Filesystem access.
pkgs/python/[email protected]/src/transformers/cli/add_new_model_like.py:567
    with open(new_module_folder / f"modular_{new_lowercase_name}.py", "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #0331062a8f811237 Filesystem access.
pkgs/python/[email protected]/src/transformers/cli/add_new_model_like.py:572
    with open(new_module_folder / "__init__.py", "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #6902610c4cb9b68c Filesystem access.
pkgs/python/[email protected]/src/transformers/cli/add_new_model_like.py:589
    with open(tests_folder / "__init__.py", "w"):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #aaccd77a753c9a5e Filesystem access.
pkgs/python/[email protected]/src/transformers/cli/add_new_model_like.py:593
        with open(tests_folder / filename, "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #0fe5d5b1c4e4cc9a Filesystem access.
pkgs/python/[email protected]/src/transformers/cli/add_new_model_like.py:598
    with open(repo_path / "docs" / "source" / "en" / "model_doc" / f"{new_lowercase_name}.md", "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #4c68e015255ae1a1 Filesystem access.
pkgs/python/[email protected]/src/transformers/cli/chat.py:363
            with open(examples_path) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #4ba66dbace1dc61c Filesystem access.
pkgs/python/[email protected]/src/transformers/cli/chat.py:659
    with open(filename, "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #78c121a8a9f8a04a Filesystem access.
pkgs/python/[email protected]/src/transformers/configuration_utils.py:911
        with open(json_file, encoding="utf-8") as reader:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #84bd14f3ab135a83 Filesystem access.
pkgs/python/[email protected]/src/transformers/configuration_utils.py:1115
        with open(json_file_path, "w", encoding="utf-8") as writer:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #b324d4c870a0e553 Filesystem access.
pkgs/python/[email protected]/src/transformers/convert_slow_tokenizer.py:159
        with open(model, "rb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #e4f90569dfe18a10 Filesystem access.
pkgs/python/[email protected]/src/transformers/convert_slow_tokenizer.py:706
        with open(self.original_tokenizer.vocab_file, "rb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #cf976d58cea301d6 Filesystem access.
pkgs/python/[email protected]/src/transformers/convert_slow_tokenizer.py:1713
        with open(vocab_file, "rb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #9bdfedc872004024 Filesystem access.
pkgs/python/[email protected]/src/transformers/convert_slow_tokenizer.py:1753
        with open(vocab_file, "rb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #cccb328ac0bed440 Filesystem access.
pkgs/python/[email protected]/src/transformers/convert_slow_tokenizer.py:1843
        with open(vocab_file, "rb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #c26dac034bf1df6c Filesystem access.
pkgs/python/[email protected]/src/transformers/convert_slow_tokenizer.py:2003
        with open(self.vocab_file, "r", encoding="utf-8") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #30855d0bdc87e7de Filesystem access.
pkgs/python/[email protected]/src/transformers/data/metrics/squad_metrics.py:576
        with open(output_prediction_file, "w") as writer:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #aafca1ee2517ba84 Filesystem access.
pkgs/python/[email protected]/src/transformers/data/metrics/squad_metrics.py:580
        with open(output_nbest_file, "w") as writer:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #09cc7801b14ba383 Filesystem access.
pkgs/python/[email protected]/src/transformers/data/metrics/squad_metrics.py:584
        with open(output_null_log_odds_file, "w") as writer:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #786c1cefd31030ba Filesystem access.
pkgs/python/[email protected]/src/transformers/data/metrics/squad_metrics.py:769
    with open(output_prediction_file, "w") as writer:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #c9c8d2ab3ca7ab3e Filesystem access.
pkgs/python/[email protected]/src/transformers/data/metrics/squad_metrics.py:772
    with open(output_nbest_file, "w") as writer:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #085e067d98f0333d Filesystem access.
pkgs/python/[email protected]/src/transformers/data/metrics/squad_metrics.py:776
        with open(output_null_log_odds_file, "w") as writer:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #258b051c93bd299a Filesystem access.
pkgs/python/[email protected]/src/transformers/data/processors/squad.py:515
        with open(
            os.path.join(data_dir, self.train_file if filename is None else filename), "r", encoding="utf-8"
        ) as reader:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #2c2cef8b02a56810 Filesystem access.
pkgs/python/[email protected]/src/transformers/data/processors/squad.py:536
        with open(
            os.path.join(data_dir, self.dev_file if filename is None else filename), "r", encoding="utf-8"
        ) as reader:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #0c3e5c60b33d0f8b Filesystem access.
pkgs/python/[email protected]/src/transformers/data/processors/utils.py:119
        with open(input_file, "r", encoding="utf-8-sig") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #e08df137010ff738 Filesystem access.
pkgs/python/[email protected]/src/transformers/distributed/configuration_utils.py:86
        with open(json_file_path, "w", encoding="utf-8") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f78d3a877fb652eb Filesystem access.
pkgs/python/[email protected]/src/transformers/dynamic_module_utils.py:133
    with open(module_file, encoding="utf-8") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #0ff5c77df81fbee6 Filesystem access.
pkgs/python/[email protected]/src/transformers/dynamic_module_utils.py:186
    with open(filename, encoding="utf-8") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #e519900c2745dedc Filesystem access.
pkgs/python/[email protected]/src/transformers/dynamic_module_utils.py:298
        module_hash: str = hashlib.sha256(b"".join(bytes(f) + f.read_bytes() for f in module_files)).hexdigest()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #60e9f1a1cf6d2fe4 Filesystem access.
pkgs/python/[email protected]/src/transformers/dynamic_module_utils.py:341
        source_files_hash.update(file_path.read_bytes())

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #16bbdccd845878d7 Filesystem access.
pkgs/python/[email protected]/src/transformers/dynamic_module_utils.py:813
        with open(requirements, "r") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #67204618ee9cbd2b Filesystem access.
pkgs/python/[email protected]/src/transformers/feature_extraction_utils.py:611
        with open(json_file, encoding="utf-8") as reader:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #34eed8e4d5390458 Filesystem access.
pkgs/python/[email protected]/src/transformers/feature_extraction_utils.py:639
        with open(json_file_path, "w", encoding="utf-8") as writer:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #ad710b2845c2c591 Filesystem access.
pkgs/python/[email protected]/src/transformers/generation/configuration_utils.py:1072
        with open(json_file, "r", encoding="utf-8") as reader:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #47340b587e391b67 Filesystem access.
pkgs/python/[email protected]/src/transformers/generation/configuration_utils.py:1235
        with open(json_file_path, "w", encoding="utf-8") as writer:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #8a18db068afde95d Filesystem access.
pkgs/python/[email protected]/src/transformers/generation/configuration_utils.py:1356
        with open(json_file_path, "w", encoding="utf-8") as writer:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #2595eec19eb3cefb Environment-variable access.
pkgs/python/[email protected]/src/transformers/generation/configuration_utils.py:1802
        graph_mixing_supported = os.environ.get("NCCL_GRAPH_MIXING_SUPPORT", "1") == "1"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #61fa23484e3bd4fd Environment-variable access.
pkgs/python/[email protected]/src/transformers/generation/configuration_utils.py:1803
        distributed = int(os.environ.get("WORLD_SIZE", "1")) > 1

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #3168e8ce634734d6 Environment-variable access.
pkgs/python/[email protected]/src/transformers/generation/configuration_utils.py:1808
            os.environ.setdefault("NCCL_GRAPH_MIXING_SUPPORT", "0")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #411cfc6c6621b8d3 Environment-variable access.
pkgs/python/[email protected]/src/transformers/generation/continuous_batching/distributed.py:160
        graph_mixing_not_disabled = os.environ.get("NCCL_GRAPH_MIXING_SUPPORT") != "0"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f4414e7d78fd593f Environment-variable access.
pkgs/python/[email protected]/src/transformers/generation/utils.py:2144
            os.environ["TOKENIZERS_PARALLELISM"] = "0"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #5255d73374a979d5 Filesystem access.
pkgs/python/[email protected]/src/transformers/hf_argparser.py:333
                    file_args += args_file.read_text().split()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #b9067ae46b988af8 Filesystem access.
pkgs/python/[email protected]/src/transformers/hf_argparser.py:403
        with open(Path(json_file), encoding="utf-8") as open_json_file:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #add3ba13b78effe2 Filesystem access.
pkgs/python/[email protected]/src/transformers/hf_argparser.py:425
        outputs = self.parse_dict(yaml.safe_load(Path(yaml_file).read_text()), allow_extra_keys=allow_extra_keys)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #1c56acf6a32c6550 Filesystem access.
pkgs/python/[email protected]/src/transformers/image_processing_base.py:417
        with open(json_file, encoding="utf-8") as reader:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #b65ad1cfa09c950c Filesystem access.
pkgs/python/[email protected]/src/transformers/image_processing_base.py:445
        with open(json_file_path, "w", encoding="utf-8") as writer:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #a1de927ad280e62e Environment-variable access.
pkgs/python/[email protected]/src/transformers/integrations/accelerate.py:115
                local_rank = int(os.environ.get("LOCAL_RANK", 0))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #2e986e6e1feafcd1 Environment-variable access.
pkgs/python/[email protected]/src/transformers/integrations/finegrained_fp8.py:254
        and os.environ.get("TRANSFORMERS_DISABLE_DEEPGEMM_LINEAR", "0") != "1"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #03062771ac0b83eb Environment-variable access.
pkgs/python/[email protected]/src/transformers/integrations/fsdp.py:51
            and strtobool(os.environ.get("ACCELERATE_USE_FSDP", "False")) == 1

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #e870b07f1c334379 Environment-variable access.
pkgs/python/[email protected]/src/transformers/integrations/fsdp.py:52
            and strtobool(os.environ.get("FSDP_CPU_RAM_EFFICIENT_LOADING", "False")) == 1

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #c146efce27200a74 Environment-variable access.
pkgs/python/[email protected]/src/transformers/integrations/hub_kernels.py:80
    _TRANSFORMERS_USE_HUB_KERNELS = os.environ.get("USE_HUB_KERNELS", "YES").upper()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #8b307498af8e68aa Environment-variable access.
pkgs/python/[email protected]/src/transformers/integrations/integration_utils.py:40
if os.getenv("WANDB_MODE") == "offline":

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #6096070644c5c3de Environment-variable access.
pkgs/python/[email protected]/src/transformers/integrations/integration_utils.py:176
    if os.getenv("DISABLE_MLFLOW_INTEGRATION", "FALSE").upper() == "TRUE":

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #15e532f4830bde20 Environment-variable access.
pkgs/python/[email protected]/src/transformers/integrations/integration_utils.py:212
    if os.getenv("DISABLE_KUBEFLOW_INTEGRATION", "FALSE").upper() == "TRUE":

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #396fcc8d35f96f34 Environment-variable access.
pkgs/python/[email protected]/src/transformers/integrations/integration_utils.py:214
    return os.getenv("KUBEFLOW_TRAINER_SERVER_URL") is not None

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #b2e8fb562fccecf9 Environment-variable access.
pkgs/python/[email protected]/src/transformers/integrations/integration_utils.py:436
    ray_scope = os.getenv("RAY_SCOPE", "last")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #c1ca180c481c630a Environment-variable access.
pkgs/python/[email protected]/src/transformers/integrations/integration_utils.py:602
        self.logging_dir = os.getenv("TENSORBOARD_LOGGING_DIR", None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #59c4db6b37627a9e Filesystem access.
pkgs/python/[email protected]/src/transformers/integrations/integration_utils.py:664
    with open(f"{output_dir}/model_architecture.txt", "w+") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #391aee82dfab1331 Environment-variable access.
pkgs/python/[email protected]/src/transformers/integrations/integration_utils.py:709
        self._log_model = WandbLogModel(os.getenv("WANDB_LOG_MODEL", "false"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #34d5084801649fcb Environment-variable access.
pkgs/python/[email protected]/src/transformers/integrations/integration_utils.py:763
                    project=os.getenv("WANDB_PROJECT", "huggingface"),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #97845dc792c5eeca Environment-variable access.
pkgs/python/[email protected]/src/transformers/integrations/integration_utils.py:775
            _watch_model = os.getenv("WANDB_WATCH", "false")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #a27655cfe89390b0 Filesystem access.
pkgs/python/[email protected]/src/transformers/integrations/integration_utils.py:815
                                fa.write(f.read_bytes())

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #a4be88dca26a3901 Filesystem access.
pkgs/python/[email protected]/src/transformers/integrations/integration_utils.py:878
                            fa.write(f.read_bytes())

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #fa6d0828c1f032b5 Environment-variable access.
pkgs/python/[email protected]/src/transformers/integrations/integration_utils.py:1170
        log_assets = os.getenv("COMET_LOG_ASSETS", "FALSE").upper()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #0108603ffc16f81c Environment-variable access.
pkgs/python/[email protected]/src/transformers/integrations/integration_utils.py:1174
            comet_old_mode = os.getenv("COMET_MODE")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #713737caac536e0c Environment-variable access.
pkgs/python/[email protected]/src/transformers/integrations/integration_utils.py:1334
        self._log_artifacts = os.getenv("HF_MLFLOW_LOG_ARTIFACTS", "FALSE").upper() in ENV_VARS_TRUE_VALUES

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #dc98c531091553b4 Environment-variable access.
pkgs/python/[email protected]/src/transformers/integrations/integration_utils.py:1335
        self._nested_run = os.getenv("MLFLOW_NESTED_RUN", "FALSE").upper() in ENV_VARS_TRUE_VALUES

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #49952a8988d1d5fd Environment-variable access.
pkgs/python/[email protected]/src/transformers/integrations/integration_utils.py:1336
        self._tracking_uri = os.getenv("MLFLOW_TRACKING_URI", None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #354ea627a789edd4 Environment-variable access.
pkgs/python/[email protected]/src/transformers/integrations/integration_utils.py:1337
        self._experiment_name = os.getenv("MLFLOW_EXPERIMENT_NAME", None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #c0e9b6dd1eeaa35f Environment-variable access.
pkgs/python/[email protected]/src/transformers/integrations/integration_utils.py:1338
        self._flatten_params = os.getenv("MLFLOW_FLATTEN_PARAMS", "FALSE").upper() in ENV_VARS_TRUE_VALUES

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #1a8774fb4651ab92 Environment-variable access.
pkgs/python/[email protected]/src/transformers/integrations/integration_utils.py:1339
        self._run_id = os.getenv("MLFLOW_RUN_ID", None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #fa66b69f3f2cb42d Environment-variable access.
pkgs/python/[email protected]/src/transformers/integrations/integration_utils.py:1340
        self._max_log_params = os.getenv("MLFLOW_MAX_LOG_PARAMS", None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #8ade905e19e58cd2 Environment-variable access.
pkgs/python/[email protected]/src/transformers/integrations/integration_utils.py:1403
            mlflow_tags = os.getenv("MLFLOW_TAGS", None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #a5542fa92828fadf Environment-variable access.
pkgs/python/[email protected]/src/transformers/integrations/integration_utils.py:1487
        self.log_artifacts = os.getenv("HF_DAGSHUB_LOG_ARTIFACTS", "FALSE").upper() in ENV_VARS_TRUE_VALUES

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #97c4cb9909fe5dee Environment-variable access.
pkgs/python/[email protected]/src/transformers/integrations/integration_utils.py:1488
        self.name = os.getenv("HF_DAGSHUB_MODEL_NAME") or "main"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #5f81ac8a9e0ae57c Environment-variable access.
pkgs/python/[email protected]/src/transformers/integrations/integration_utils.py:1489
        self.remote = os.getenv("MLFLOW_TRACKING_URI")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #97c9b924e8f2a354 Environment-variable access.
pkgs/python/[email protected]/src/transformers/integrations/integration_utils.py:1493
            branch=os.getenv("BRANCH") or "main",

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f5798fac5397b04f Environment-variable access.
pkgs/python/[email protected]/src/transformers/integrations/integration_utils.py:1908
                    self._log_model = os.getenv(
                        "CLEARML_LOG_MODEL",
                        "FALSE" if not ClearMLCallback._task_created_in_callback else "TRUE",
                    ).upper() in ENV_VARS_TRUE_VALUES.union({"TRUE"})

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #6965ec381650f8d7 Environment-variable access.
pkgs/python/[email protected]/src/transformers/integrations/integration_utils.py:1915
                        project_name=os.getenv("CLEARML_PROJECT", "HuggingFace Transformers"),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #b638e741c47729d0 Environment-variable access.
pkgs/python/[email protected]/src/transformers/integrations/integration_utils.py:1916
                        task_name=os.getenv("CLEARML_TASK", "Trainer"),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #4789f161c7bf8a19 Environment-variable access.
pkgs/python/[email protected]/src/transformers/integrations/integration_utils.py:1920
                    self._log_model = os.getenv("CLEARML_LOG_MODEL", "TRUE").upper() in ENV_VARS_TRUE_VALUES.union(

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #c4e12328ac14828d Environment-variable access.
pkgs/python/[email protected]/src/transformers/integrations/integration_utils.py:2189
            log_model_env = os.getenv("HF_DVCLIVE_LOG_MODEL", "FALSE")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #eab6d3ac181e72db Environment-variable access.
pkgs/python/[email protected]/src/transformers/integrations/integration_utils.py:2271
        self._log_model = os.getenv("SWANLAB_LOG_MODEL", None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #140469385bf501d3 Environment-variable access.
pkgs/python/[email protected]/src/transformers/integrations/integration_utils.py:2342
            init_args["project"] = os.getenv("SWANLAB_PROJECT", None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #23d34e8de3781b17 Environment-variable access.
pkgs/python/[email protected]/src/transformers/integrations/integration_utils.py:2344
            run_id = os.getenv("SWANLAB_RUN_ID", None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #81c049b79ad94efb Environment-variable access.
pkgs/python/[email protected]/src/transformers/integrations/integration_utils.py:2348
            resume = os.getenv("SWANLAB_RESUME", None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #48f3d37b1f4e9470 Environment-variable access.
pkgs/python/[email protected]/src/transformers/integrations/integration_utils.py:2494
        ca_file = os.environ.get(self._ENV_CA_CERT)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #ae4fa16db359e558 Environment-variable access.
pkgs/python/[email protected]/src/transformers/integrations/integration_utils.py:2512
        token_path = os.environ.get(self._ENV_TOKEN_PATH)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #89a3463bb0d50ce9 Filesystem access.
pkgs/python/[email protected]/src/transformers/integrations/integration_utils.py:2518
            with open(token_path) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #00e75c70a0dedeb8 Environment-variable access.
pkgs/python/[email protected]/src/transformers/integrations/integration_utils.py:2534
            url = os.environ.get(self._ENV_SERVER_URL)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #6440052be4fd6054 Environment-variable access.
pkgs/python/[email protected]/src/transformers/integrations/mxfp4.py:417
        rank = int(os.environ.get("LOCAL_RANK", "0"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #083d079f3b13231c Environment-variable access.
pkgs/python/[email protected]/src/transformers/integrations/npu_flash_attention.py:30
SPARSE_MODE = int(os.getenv("NPU_FA2_SPARSE_MODE", default=DOWN_RIGHT_ALIGNED_CAUSAL_MASK_MODE))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #44f391194b226bca Filesystem access.
pkgs/python/[email protected]/src/transformers/integrations/peft.py:708
        with open(_adapter_model_path, "r", encoding="utf-8") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #379648750be62c3f Environment-variable access.
pkgs/python/[email protected]/src/transformers/integrations/tensor_parallel.py:77
                rank = int(os.environ["RANK"])

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #7973a362e3e2aa57 Environment-variable access.
pkgs/python/[email protected]/src/transformers/integrations/tensor_parallel.py:78
                local_rank = int(os.environ["LOCAL_RANK"])

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #6e8fdac40d012842 Environment-variable access.
pkgs/python/[email protected]/src/transformers/integrations/tensor_parallel.py:79
                world_size = int(os.environ["WORLD_SIZE"])

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #81d5256fe1bb9b85 Environment-variable access.
pkgs/python/[email protected]/src/transformers/integrations/tensor_parallel.py:103
            current_device.set_device(int(os.environ["LOCAL_RANK"]))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #d38e7e35b827d853 Environment-variable access.
pkgs/python/[email protected]/src/transformers/integrations/tensor_parallel.py:122
        device_map = torch.device(f"{device_mesh.device_type}:{int(os.environ['LOCAL_RANK'])}")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #37714208d378a9e3 Filesystem access.
pkgs/python/[email protected]/src/transformers/model_debugging_utils.py:243
    with open(full_path, "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #017f175db903ca47 Filesystem access.
pkgs/python/[email protected]/src/transformers/model_debugging_utils.py:266
    with open(summary_path, "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #8821d7e5bbb60c52 Environment-variable access.
pkgs/python/[email protected]/src/transformers/modeling_flash_attention_utils.py:655
            deterministic if deterministic is not None else os.getenv("FLASH_ATTENTION_DETERMINISTIC", "0") == "1"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #0f2e68c0a7839525 Environment-variable access.
pkgs/python/[email protected]/src/transformers/modeling_utils.py:163
XLA_USE_BF16 = os.environ.get("XLA_USE_BF16", "0").upper()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #d7fb5a1190fa0ad7 Environment-variable access.
pkgs/python/[email protected]/src/transformers/modeling_utils.py:164
XLA_DOWNCAST_BF16 = os.environ.get("XLA_DOWNCAST_BF16", "0").upper()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #0483713ff7dcc307 Environment-variable access.
pkgs/python/[email protected]/src/transformers/modeling_utils.py:213
    return _is_torch_distributed_initialized() and int(os.environ.get("LOCAL_RANK", "-1")) == 0

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #3c7a6e07e0ea5a47 Filesystem access.
pkgs/python/[email protected]/src/transformers/modeling_utils.py:323
        with open("/proc/mounts", encoding="utf-8") as fh:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f92c08e7942b21fa Filesystem access.
pkgs/python/[email protected]/src/transformers/modeling_utils.py:356
            with open(checkpoint_path, "rb") as _fh:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #2b1db7a1e43baa69 Filesystem access.
pkgs/python/[email protected]/src/transformers/modeling_utils.py:3617
            with open(save_index_file, "w", encoding="utf-8") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #fb971a0dfa4acc8b Environment-variable access.
pkgs/python/[email protected]/src/transformers/modeling_utils.py:4180
        if device_map == "auto" and int(os.environ.get("WORLD_SIZE", "0")):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #83a12950396dcf73 Filesystem access.
pkgs/python/[email protected]/src/transformers/modeling_utils.py:4482
                        with open(file, "rb") as _fh:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #b5d99364e81b9490 Filesystem access.
pkgs/python/[email protected]/src/transformers/models/auto/auto_factory.py:311
                with open(maybe_adapter_path, "r", encoding="utf-8") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #83a541483433e47a Filesystem access.
pkgs/python/[email protected]/src/transformers/models/auto/processing_auto.py:273
                with open(tokenizer_config_file, encoding="utf-8") as reader:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #3444cade7ff1d030 Filesystem access.
pkgs/python/[email protected]/src/transformers/models/auto/tokenization_auto.py:434
    with open(vocab_file, "r", encoding="utf-8") as reader:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #d1a29ffd2055bd3e Filesystem access.
pkgs/python/[email protected]/src/transformers/models/auto/tokenization_auto.py:441
    with open(merges_file, "r", encoding="utf-8") as reader:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #d01f53f4b9bde4c3 Filesystem access.
pkgs/python/[email protected]/src/transformers/models/auto/tokenization_auto.py:612
    with open(resolved_config_file, encoding="utf-8") as reader:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #a284ecdca91dc938 Filesystem access.
pkgs/python/[email protected]/src/transformers/models/bark/processing_bark.py:101
                with open(speaker_embeddings_path) as speaker_embeddings_json:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #3cd47b5bf291fa81 Filesystem access.
pkgs/python/[email protected]/src/transformers/models/bark/processing_bark.py:161
            with open(os.path.join(save_directory, speaker_embeddings_dict_path), "w") as fp:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #7d7a824fd4296a21 Filesystem access.
pkgs/python/[email protected]/src/transformers/models/bartpho/tokenization_bartpho.py:133
        with open(monolingual_vocab_file, "r", encoding="utf-8") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #29f39ad73d1a3c09 Filesystem access.
pkgs/python/[email protected]/src/transformers/models/bartpho/tokenization_bartpho.py:306
            with open(out_vocab_file, "wb") as fi:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #bd817c93e5c7f05f Filesystem access.
pkgs/python/[email protected]/src/transformers/models/bartpho/tokenization_bartpho.py:315
            with open(out_monolingual_vocab_file, "w", encoding="utf-8") as fp:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #ac48acd5dd872402 Filesystem access.
pkgs/python/[email protected]/src/transformers/models/bert/tokenization_bert.py:33
    with open(vocab_file, "r", encoding="utf-8") as reader:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #d34dbdee8d143b6d Filesystem access.
pkgs/python/[email protected]/src/transformers/models/bert/tokenization_bert_legacy.py:32
    with open(vocab_file, "r", encoding="utf-8") as reader:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #8a55a6baf4926245 Filesystem access.
pkgs/python/[email protected]/src/transformers/models/bert/tokenization_bert_legacy.py:245
        with open(vocab_file, "w", encoding="utf-8") as writer:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #e67086b0b60a9b0d Filesystem access.
pkgs/python/[email protected]/src/transformers/models/bert_japanese/tokenization_bert_japanese.py:41
    with open(vocab_file, "r", encoding="utf-8") as reader:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #d01fee7e7c4eb21a Filesystem access.
pkgs/python/[email protected]/src/transformers/models/bert_japanese/tokenization_bert_japanese.py:278
            with open(vocab_file, "wb") as writer:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #3ad81e240fc542a9 Filesystem access.
pkgs/python/[email protected]/src/transformers/models/bert_japanese/tokenization_bert_japanese.py:282
            with open(vocab_file, "w", encoding="utf-8") as writer:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #58bc566672147479 Filesystem access.
pkgs/python/[email protected]/src/transformers/models/bertweet/tokenization_bertweet.py:142
        with open(merges_file, encoding="utf-8") as merges_handle:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #1947c98f74d13746 Filesystem access.
pkgs/python/[email protected]/src/transformers/models/bertweet/tokenization_bertweet.py:316
        with open(vocab_file, "w", encoding="utf-8") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #68594b4e2031176d Filesystem access.
pkgs/python/[email protected]/src/transformers/models/bertweet/tokenization_bertweet.py:324
        with open(merge_file, "w", encoding="utf-8") as writer:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #d8a2e30f86003388 Filesystem access.
pkgs/python/[email protected]/src/transformers/models/bertweet/tokenization_bertweet.py:338
                with open(f, "r", encoding="utf-8") as fd:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #19b8acdd34b20948 Filesystem access.
pkgs/python/[email protected]/src/transformers/models/biogpt/tokenization_biogpt.py:116
        with open(vocab_file, encoding="utf-8") as vocab_handle:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #c1481980d042cae2 Filesystem access.
pkgs/python/[email protected]/src/transformers/models/biogpt/tokenization_biogpt.py:119
        with open(merges_file, encoding="utf-8") as merges_handle:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #19d4a502eae07bfc Filesystem access.
pkgs/python/[email protected]/src/transformers/models/biogpt/tokenization_biogpt.py:293
        with open(vocab_file, "w", encoding="utf-8") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #7c5e627a70eac7eb Filesystem access.
pkgs/python/[email protected]/src/transformers/models/biogpt/tokenization_biogpt.py:297
        with open(merge_file, "w", encoding="utf-8") as writer:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #29948e24c4357119 Filesystem access.
pkgs/python/[email protected]/src/transformers/models/blenderbot_small/tokenization_blenderbot_small.py:89
        with open(vocab_file, encoding="utf-8") as vocab_handle:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #bb3e5ed48f74e8a4 Filesystem access.
pkgs/python/[email protected]/src/transformers/models/blenderbot_small/tokenization_blenderbot_small.py:92
        with open(merges_file, encoding="utf-8") as merges_handle:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #48fd614aaf290fa8 Filesystem access.
pkgs/python/[email protected]/src/transformers/models/blenderbot_small/tokenization_blenderbot_small.py:203
        with open(vocab_file, "w", encoding="utf-8") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #6ee50cab1aadb2ee Filesystem access.
pkgs/python/[email protected]/src/transformers/models/blenderbot_small/tokenization_blenderbot_small.py:207
        with open(merge_file, "w", encoding="utf-8") as writer:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #63dae4ca973e917d Filesystem access.
pkgs/python/[email protected]/src/transformers/models/clvp/tokenization_clvp.py:149
        with open(vocab_file, encoding="utf-8") as vocab_handle:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #acffe7475b75add4 Filesystem access.
pkgs/python/[email protected]/src/transformers/models/clvp/tokenization_clvp.py:155
        with open(merges_file, encoding="utf-8") as merges_handle:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #4e7e5255245362a7 Filesystem access.
pkgs/python/[email protected]/src/transformers/models/cpm/tokenization_cpm.py:324
            with open(out_vocab_file, "wb") as fi:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #95f063681855b8bd Filesystem access.
pkgs/python/[email protected]/src/transformers/models/cpmant/tokenization_cpmant.py:37
    with open(vocab_file, "r", encoding="utf-8") as reader:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #ae81a0a31d4caf61 Filesystem access.
pkgs/python/[email protected]/src/transformers/models/cpmant/tokenization_cpmant.py:219
        with open(vocab_file, "w", encoding="utf-8") as writer:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #8ef756b2b448d85c Filesystem access.
pkgs/python/[email protected]/src/transformers/models/ctrl/tokenization_ctrl.py:128
        with open(vocab_file, encoding="utf-8") as vocab_handle:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #e0ce2b88f415fe63 Filesystem access.
pkgs/python/[email protected]/src/transformers/models/ctrl/tokenization_ctrl.py:131
        with open(merges_file, encoding="utf-8") as merges_handle:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #8b40c1f9627f59bc Filesystem access.
pkgs/python/[email protected]/src/transformers/models/esm/openfold_utils/residue_constants.py:417
    stereo_chemical_props = resources.read_text("openfold.resources", "stereo_chemical_props.txt")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #6b8bab1a2059177d Filesystem access.
pkgs/python/[email protected]/src/transformers/models/esm/tokenization_esm.py:28
    with open(vocab_file, "r") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #0867e14722f9ec48 Filesystem access.
pkgs/python/[email protected]/src/transformers/models/esm/tokenization_esm.py:136
        with open(vocab_file, "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #55755b8ea3d60041 Filesystem access.
pkgs/python/[email protected]/src/transformers/models/fastspeech2_conformer/tokenization_fastspeech2_conformer.py:65
        with open(vocab_file, encoding="utf-8") as vocab_handle:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #a2011d0aef5ece5d Filesystem access.
pkgs/python/[email protected]/src/transformers/models/fastspeech2_conformer/tokenization_fastspeech2_conformer.py:163
        with open(vocab_file, "w", encoding="utf-8") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #c67bd653434615d5 Filesystem access.
pkgs/python/[email protected]/src/transformers/models/flaubert/tokenization_flaubert.py:237
        with open(vocab_file, encoding="utf-8") as vocab_handle:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #cd215e94c82100f2 Filesystem access.
pkgs/python/[email protected]/src/transformers/models/flaubert/tokenization_flaubert.py:240
        with open(merges_file, encoding="utf-8") as merges_handle:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #ce1baa7dd3ee5505 Filesystem access.
pkgs/python/[email protected]/src/transformers/models/flaubert/tokenization_flaubert.py:498
        with open(vocab_file, "w", encoding="utf-8") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #828df5aaf4963b68 Filesystem access.
pkgs/python/[email protected]/src/transformers/models/flaubert/tokenization_flaubert.py:502
        with open(merge_file, "w", encoding="utf-8") as writer:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #195baabcfdcb758c Filesystem access.
pkgs/python/[email protected]/src/transformers/models/fsmt/tokenization_fsmt.py:204
        with open(src_vocab_file, encoding="utf-8") as src_vocab_handle:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #86dfccce1abd51ce Filesystem access.
pkgs/python/[email protected]/src/transformers/models/fsmt/tokenization_fsmt.py:206
        with open(tgt_vocab_file, encoding="utf-8") as tgt_vocab_handle:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #847b49ab2244a540 Filesystem access.
pkgs/python/[email protected]/src/transformers/models/fsmt/tokenization_fsmt.py:209
        with open(merges_file, encoding="utf-8") as merges_handle:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #4bdd865f0490ae84 Filesystem access.
pkgs/python/[email protected]/src/transformers/models/fsmt/tokenization_fsmt.py:446
        with open(src_vocab_file, "w", encoding="utf-8") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #34dddc28d989f3cf Filesystem access.
pkgs/python/[email protected]/src/transformers/models/fsmt/tokenization_fsmt.py:449
        with open(tgt_vocab_file, "w", encoding="utf-8") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #ec9632a3f26f5633 Filesystem access.
pkgs/python/[email protected]/src/transformers/models/fsmt/tokenization_fsmt.py:454
        with open(merges_file, "w", encoding="utf-8") as writer:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #55248ce20522dde7 Filesystem access.
pkgs/python/[email protected]/src/transformers/models/gpt_neox_japanese/tokenization_gpt_neox_japanese.py:35
    with open(emoji_file, "r", encoding="utf-8") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #8d32fcfdf8a45a48 Filesystem access.
pkgs/python/[email protected]/src/transformers/models/gpt_neox_japanese/tokenization_gpt_neox_japanese.py:41
    with open(vocab_file, "r", encoding="utf-8") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #1e36b6e74c117b9c Filesystem access.
pkgs/python/[email protected]/src/transformers/models/gpt_neox_japanese/tokenization_gpt_neox_japanese.py:180
        with open(vocab_file, "w", encoding="utf-8") as writer:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #46e10d72d117e6b0 Filesystem access.
pkgs/python/[email protected]/src/transformers/models/gpt_neox_japanese/tokenization_gpt_neox_japanese.py:190
        with open(emoji_file, "w", encoding="utf-8") as writer:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #9512da504be4f880 Filesystem access.
pkgs/python/[email protected]/src/transformers/models/luke/tokenization_luke.py:287
            with open(entity_vocab_file, encoding="utf-8") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #67b65a28dbc8e749 Filesystem access.
pkgs/python/[email protected]/src/transformers/models/m2m_100/tokenization_m2m_100.py:311
            with open(spm_save_path, "wb") as fi:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #026a2650e8f70d15 Filesystem access.
pkgs/python/[email protected]/src/transformers/models/m2m_100/tokenization_m2m_100.py:375
    with open(path, "r") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #e66baa0717715577 Filesystem access.
pkgs/python/[email protected]/src/transformers/models/m2m_100/tokenization_m2m_100.py:380
    with open(path, "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #eeb2a866b0d1a237 Filesystem access.
pkgs/python/[email protected]/src/transformers/models/marian/tokenization_marian.py:352
                with open(spm_save_path, "wb") as fi:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #2f9aa9f9ed384cae Filesystem access.
pkgs/python/[email protected]/src/transformers/models/marian/tokenization_marian.py:416
    with open(path, "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #5f2eecb0dff00e94 Filesystem access.
pkgs/python/[email protected]/src/transformers/models/marian/tokenization_marian.py:421
    with open(path, "r") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #a9c269ff4a52cb3d Filesystem access.
pkgs/python/[email protected]/src/transformers/models/megatron_gpt2/checkpoint_reshaping_and_interoperability.py:598
        with open(save_index_file, "w", encoding="utf-8") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #6cf14b121dcf5c57 Filesystem access.
pkgs/python/[email protected]/src/transformers/models/megatron_gpt2/checkpoint_reshaping_and_interoperability.py:651
    with open(tracker_filepath, "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #5f96ef3f3c0e5507 Filesystem access.
pkgs/python/[email protected]/src/transformers/models/mgp_str/tokenization_mgp_str.py:53
        with open(vocab_file, encoding="utf-8") as vocab_handle:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #4f1c29dd915da95c Filesystem access.
pkgs/python/[email protected]/src/transformers/models/mgp_str/tokenization_mgp_str.py:97
        with open(vocab_file, "w", encoding="utf-8") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #d4a9564908372be9 Filesystem access.
pkgs/python/[email protected]/src/transformers/models/mluke/tokenization_mluke.py:308
            with open(entity_vocab_file, encoding="utf-8") as entity_vocab_handle:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #1d133b6d52169d9e Filesystem access.
pkgs/python/[email protected]/src/transformers/models/mluke/tokenization_mluke.py:1713
        with open(entity_vocab_file, "w", encoding="utf-8") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #26c526cfea589185 Filesystem access.
pkgs/python/[email protected]/src/transformers/models/myt5/tokenization_myt5.py:46
            with open(rewriting_rules, "r") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f31386ee522f3063 Filesystem access.
pkgs/python/[email protected]/src/transformers/models/myt5/tokenization_myt5.py:195
        self.byte_maps = json.load(open(vocab_file, "r"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #c46fdb413fee9db6 Filesystem access.
pkgs/python/[email protected]/src/transformers/models/myt5/tokenization_myt5.py:373
        with open(vocab_file, "w", encoding="utf-8") as writer:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #fb8373494407591b Filesystem access.
pkgs/python/[email protected]/src/transformers/models/oneformer/image_processing_oneformer.py:95
    with open(fname, "r") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #5a4d544a939fe480 Filesystem access.
pkgs/python/[email protected]/src/transformers/models/oneformer/image_processing_pil_oneformer.py:241
    with open(fname, "r") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #c5fcaadd22786806 Filesystem access.
pkgs/python/[email protected]/src/transformers/models/phobert/tokenization_phobert.py:126
        with open(merges_file, encoding="utf-8") as merges_handle:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #fd0dcc5e0f6e87a4 Filesystem access.
pkgs/python/[email protected]/src/transformers/models/phobert/tokenization_phobert.py:310
            with open(out_vocab_file, "wb") as fi:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f0f961d345b21d05 Filesystem access.
pkgs/python/[email protected]/src/transformers/models/phobert/tokenization_phobert.py:331
                with open(f, "r", encoding="utf-8") as fd:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #ffee7f3b326874e4 Filesystem access.
pkgs/python/[email protected]/src/transformers/models/pop2piano/tokenization_pop2piano.py:111
        with open(vocab, "rb") as file:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #2292668b2e1ac021 Filesystem access.
pkgs/python/[email protected]/src/transformers/models/pop2piano/tokenization_pop2piano.py:358
        with open(out_vocab_file, "w") as file:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #91851395e358b23d Filesystem access.
pkgs/python/[email protected]/src/transformers/models/prophetnet/tokenization_prophetnet.py:259
    with open(vocab_file, "r", encoding="utf-8") as reader:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #e235bfc2087edd34 Filesystem access.
pkgs/python/[email protected]/src/transformers/models/prophetnet/tokenization_prophetnet.py:438
        with open(vocab_file, "w", encoding="utf-8") as writer:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #486963ad7c3467a1 Environment-variable access.
pkgs/python/[email protected]/src/transformers/models/rag/retrieval_rag.py:134
        if not strtobool(os.environ.get("TRUST_REMOTE_CODE", "False")):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #6aad037cc75f1662 Filesystem access.
pkgs/python/[email protected]/src/transformers/models/rag/retrieval_rag.py:141
        with open(passages_path, "rb") as passages_file:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #e292b1aa1ed12708 Environment-variable access.
pkgs/python/[email protected]/src/transformers/models/rag/retrieval_rag.py:150
        if not strtobool(os.environ.get("TRUST_REMOTE_CODE", "False")):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #951b1c275b04d768 Filesystem access.
pkgs/python/[email protected]/src/transformers/models/rag/retrieval_rag.py:157
        with open(resolved_meta_path, "rb") as metadata_file:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #87f2c9a0e28b139b Filesystem access.
pkgs/python/[email protected]/src/transformers/models/roc_bert/tokenization_roc_bert.py:52
    with open(vocab_file, "r", encoding="utf-8") as reader:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #481f778163af21ec Filesystem access.
pkgs/python/[email protected]/src/transformers/models/roc_bert/tokenization_roc_bert.py:139
        with open(word_shape_file, "r", encoding="utf8") as in_file:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #e695d5f3e7f44e46 Filesystem access.
pkgs/python/[email protected]/src/transformers/models/roc_bert/tokenization_roc_bert.py:142
        with open(word_pronunciation_file, "r", encoding="utf8") as in_file:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #00f9a1c5da741fd4 Filesystem access.
pkgs/python/[email protected]/src/transformers/models/roc_bert/tokenization_roc_bert.py:1077
        with open(vocab_file, "w", encoding="utf-8") as writer:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #4766e97ab03b10ac Filesystem access.
pkgs/python/[email protected]/src/transformers/models/roc_bert/tokenization_roc_bert.py:1088
        with open(word_shape_file, "w", encoding="utf8") as writer:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f04617bcccdb0c94 Filesystem access.
pkgs/python/[email protected]/src/transformers/models/roc_bert/tokenization_roc_bert.py:1091
        with open(word_pronunciation_file, "w", encoding="utf8") as writer:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #60facf124aaa9b41 Filesystem access.
pkgs/python/[email protected]/src/transformers/models/siglip/tokenization_siglip.py:345
            with open(out_vocab_file, "wb") as fi:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #86ceda6c8590b3a9 Filesystem access.
pkgs/python/[email protected]/src/transformers/models/speech_to_text/tokenization_speech_to_text.py:271
            with open(spm_save_path, "wb") as fi:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #32c0cce04d49aadc Filesystem access.
pkgs/python/[email protected]/src/transformers/models/speech_to_text/tokenization_speech_to_text.py:285
    with open(path, "r") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #94c40a41e6afd1f0 Filesystem access.
pkgs/python/[email protected]/src/transformers/models/speech_to_text/tokenization_speech_to_text.py:290
    with open(path, "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #5b831d9f5a68d9b6 Filesystem access.
pkgs/python/[email protected]/src/transformers/models/splinter/tokenization_splinter.py:33
    with open(vocab_file, "r", encoding="utf-8") as reader:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #6ddf583471c30860 Filesystem access.
pkgs/python/[email protected]/src/transformers/models/tapas/tokenization_tapas.py:91
    with open(vocab_file, "r", encoding="utf-8") as reader:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #72e55e0db7e177da Filesystem access.
pkgs/python/[email protected]/src/transformers/models/tapas/tokenization_tapas.py:394
        with open(vocab_file, "w", encoding="utf-8") as writer:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #7f8942a5faf768f9 Filesystem access.
pkgs/python/[email protected]/src/transformers/models/vits/tokenization_vits.py:83
        with open(vocab_file, encoding="utf-8") as vocab_handle:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #ab2f9cce3706f4eb Filesystem access.
pkgs/python/[email protected]/src/transformers/models/vits/tokenization_vits.py:242
        with open(vocab_file, "w", encoding="utf-8") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #9c0b2a9b5cdca510 Filesystem access.
pkgs/python/[email protected]/src/transformers/models/wav2vec2/tokenization_wav2vec2.py:154
        with open(vocab_file, encoding="utf-8") as vocab_handle:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #15879bd2a26a5fcb Filesystem access.
pkgs/python/[email protected]/src/transformers/models/wav2vec2/tokenization_wav2vec2.py:647
        with open(vocab_file, "w", encoding="utf-8") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f8f6196881b6c30c Filesystem access.
pkgs/python/[email protected]/src/transformers/models/wav2vec2_phoneme/tokenization_wav2vec2_phoneme.py:138
        with open(vocab_file, encoding="utf-8") as vocab_handle:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #b8b661c7affcf22f Filesystem access.
pkgs/python/[email protected]/src/transformers/models/wav2vec2_phoneme/tokenization_wav2vec2_phoneme.py:575
        with open(vocab_file, "w", encoding="utf-8") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #47fa277f400793fe Filesystem access.
pkgs/python/[email protected]/src/transformers/models/whisper/tokenization_whisper.py:266
            with open(normalizer_file, encoding="utf-8") as vocab_handle:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #319ca2a4da283dd3 Filesystem access.
pkgs/python/[email protected]/src/transformers/models/whisper/tokenization_whisper.py:560
        with open(vocab_file, "w", encoding="utf-8") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #7e005c470af93378 Filesystem access.
pkgs/python/[email protected]/src/transformers/models/whisper/tokenization_whisper.py:563
        with open(merge_file, "w", encoding="utf-8") as writer:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #4b65e5d5be83b30a Filesystem access.
pkgs/python/[email protected]/src/transformers/models/whisper/tokenization_whisper.py:568
            with open(normalizer_file, "w", encoding="utf-8") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f3407121428e8421 Filesystem access.
pkgs/python/[email protected]/src/transformers/models/xlm/tokenization_xlm.py:244
        with open(vocab_file, encoding="utf-8") as vocab_handle:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #3d3f1f89b0ac3273 Filesystem access.
pkgs/python/[email protected]/src/transformers/models/xlm/tokenization_xlm.py:247
        with open(merges_file, encoding="utf-8") as merges_handle:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #a6fac3d3c33fb86f Filesystem access.
pkgs/python/[email protected]/src/transformers/models/xlm/tokenization_xlm.py:541
        with open(vocab_file, "w", encoding="utf-8") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #61eb6fc7a7f0e9e4 Filesystem access.
pkgs/python/[email protected]/src/transformers/models/xlm/tokenization_xlm.py:545
        with open(merge_file, "w", encoding="utf-8") as writer:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f7ad7eb786457e3b Filesystem access.
pkgs/python/[email protected]/src/transformers/pipelines/__init__.py:921
                with open(maybe_adapter_path, "r", encoding="utf-8") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #3237d8bec753b77d Filesystem access.
pkgs/python/[email protected]/src/transformers/pipelines/audio_classification.py:174
                with open(inputs, "rb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #ae66c96cd7e8f33a Filesystem access.
pkgs/python/[email protected]/src/transformers/pipelines/automatic_speech_recognition.py:352
                with open(inputs, "rb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #0ad87a345edc8e54 Filesystem access.
pkgs/python/[email protected]/src/transformers/pipelines/base.py:457
        with open(binary_path, "wb+") as f_output:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #5680749da5fcc9ab Filesystem access.
pkgs/python/[email protected]/src/transformers/pipelines/base.py:520
        with open(self.input_path, "r") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f4a356c9b1756ca0 Filesystem access.
pkgs/python/[email protected]/src/transformers/pipelines/base.py:535
        with open(self.output_path, "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #4affbbc3a380382a Filesystem access.
pkgs/python/[email protected]/src/transformers/pipelines/base.py:563
        with open(input_path, "r") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #5ea54fb65106c7b7 Filesystem access.
pkgs/python/[email protected]/src/transformers/pipelines/base.py:580
        with open(self.output_path, "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #b194da067c51c6ba Environment-variable access.
pkgs/python/[email protected]/src/transformers/pipelines/base.py:1193
        if "TOKENIZERS_PARALLELISM" not in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #c76aae9945734cc1 Environment-variable access.
pkgs/python/[email protected]/src/transformers/pipelines/base.py:1195
            os.environ["TOKENIZERS_PARALLELISM"] = "false"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #db1cdfefde1354c6 Environment-variable access.
pkgs/python/[email protected]/src/transformers/pipelines/base.py:1313
        if "TOKENIZERS_PARALLELISM" not in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #1ec32b39394ada3c Environment-variable access.
pkgs/python/[email protected]/src/transformers/pipelines/base.py:1315
            os.environ["TOKENIZERS_PARALLELISM"] = "false"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #cfc2634fd26a5a68 Filesystem access.
pkgs/python/[email protected]/src/transformers/pipelines/zero_shot_audio_classification.py:111
                with open(audio, "rb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f9806b3599aedf53 Filesystem access.
pkgs/python/[email protected]/src/transformers/processing_utils.py:1086
        with open(json_file_path, "w", encoding="utf-8") as writer:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #bafe4e8880b30923 Filesystem access.
pkgs/python/[email protected]/src/transformers/processing_utils.py:1166
            with open(output_chat_template_file_jinja, "w", encoding="utf-8") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #5de6e8bf376922ea Filesystem access.
pkgs/python/[email protected]/src/transformers/processing_utils.py:1174
                    with open(output_chat_template_file_jinja, "w", encoding="utf-8") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #9eafb200df95744d Filesystem access.
pkgs/python/[email protected]/src/transformers/processing_utils.py:1183
                    with open(template_filepath, "w", encoding="utf-8") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #45fdf10df361edd3 Filesystem access.
pkgs/python/[email protected]/src/transformers/processing_utils.py:1371
            with open(resolved_chat_template_file, encoding="utf-8") as reader:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #65c3baa6f328db3c Filesystem access.
pkgs/python/[email protected]/src/transformers/processing_utils.py:1383
                template_name: open(template_file, "r", encoding="utf-8").read()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #476be95b5b2f2297 Filesystem access.
pkgs/python/[email protected]/src/transformers/processing_utils.py:1387
                with open(resolved_raw_chat_template_file, "r", encoding="utf-8") as reader:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #dc57cd6ec05f3ec8 Filesystem access.
pkgs/python/[email protected]/src/transformers/processing_utils.py:1402
                with open(resolved_processor_file, encoding="utf-8") as reader:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #d32f767165b732ad Filesystem access.
pkgs/python/[email protected]/src/transformers/processing_utils.py:1428
                reader = open(resolved_audio_tokenizer_file, "r", encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #6dfc2a5cbfe2fb63 Environment-variable access.
pkgs/python/[email protected]/src/transformers/testing_utils.py:288
        value = os.environ[key]

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #8cdfdd73256d22c7 Environment-variable access.
pkgs/python/[email protected]/src/transformers/testing_utils.py:304
        value = os.environ[key]

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #4bfe90c80856e175 Environment-variable access.
pkgs/python/[email protected]/src/transformers/testing_utils.py:1092
    if "TRANSFORMERS_TEST_BACKEND" in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #274f40dbb9829eb7 Environment-variable access.
pkgs/python/[email protected]/src/transformers/testing_utils.py:1093
        backend = os.environ["TRANSFORMERS_TEST_BACKEND"]

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #bb663119632096ed Environment-variable access.
pkgs/python/[email protected]/src/transformers/testing_utils.py:1102
    if "TRANSFORMERS_TEST_DEVICE" in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #9cbbfd092ab24ad1 Environment-variable access.
pkgs/python/[email protected]/src/transformers/testing_utils.py:1103
        torch_device = os.environ["TRANSFORMERS_TEST_DEVICE"]

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #8372dbc2eb90ebff Environment-variable access.
pkgs/python/[email protected]/src/transformers/testing_utils.py:2165
        env = os.environ.copy()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #3025bb5cc8338a26 Environment-variable access.
pkgs/python/[email protected]/src/transformers/testing_utils.py:2287
            for k in list(os.environ.keys()):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #db80e06a3fddc8f6 Environment-variable access.
pkgs/python/[email protected]/src/transformers/testing_utils.py:2289
                    del os.environ[k]

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #bf1c2ea676c6de3e Environment-variable access.
pkgs/python/[email protected]/src/transformers/testing_utils.py:2300
    return mock.patch.dict(os.environ, kwargs)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #647889cef0f53ce4 Environment-variable access.
pkgs/python/[email protected]/src/transformers/testing_utils.py:2315
    env = os.environ

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #722df09e83ef480c Filesystem access.
pkgs/python/[email protected]/src/transformers/testing_utils.py:2417
        with open(report_files["durations"], "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #4cb3791e46449ef3 Filesystem access.
pkgs/python/[email protected]/src/transformers/testing_utils.py:2447
    with open(report_files["failures_long"], "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #32107d32c4ea2fe1 Filesystem access.
pkgs/python/[email protected]/src/transformers/testing_utils.py:2452
    with open(report_files["failures_short"], "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #d6b043d48b18e884 Filesystem access.
pkgs/python/[email protected]/src/transformers/testing_utils.py:2457
    with open(report_files["failures_line"], "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #5fbd1d562ad47585 Filesystem access.
pkgs/python/[email protected]/src/transformers/testing_utils.py:2461
    with open(report_files["errors"], "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #134c1e57fef056a3 Filesystem access.
pkgs/python/[email protected]/src/transformers/testing_utils.py:2465
    with open(report_files["warnings"], "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #71bd3ce2ede13222 Filesystem access.
pkgs/python/[email protected]/src/transformers/testing_utils.py:2479
    with open(report_files["summary_short"], "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #45884d1bc3e341ea Filesystem access.
pkgs/python/[email protected]/src/transformers/testing_utils.py:2483
    with open(report_files["stats"], "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f06f7203fab38761 Environment-variable access.
pkgs/python/[email protected]/src/transformers/testing_utils.py:2583
    worker = os.environ.get("PYTEST_XDIST_WORKER", "gw0")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #5ebfc6124acc1c7f Filesystem access.
pkgs/python/[email protected]/src/transformers/testing_utils.py:2630
    with open(file_path) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #bff5ee5fc18466a6 Environment-variable access.
pkgs/python/[email protected]/src/transformers/testing_utils.py:2832
        timeout = int(os.environ.get("PYTEST_TIMEOUT", "600"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #80c1b528c466c957 Environment-variable access.
pkgs/python/[email protected]/src/transformers/testing_utils.py:2868
        if os.getenv("_INSIDE_SUB_PROCESS", None) == "1":

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #faa1222af6618e59 Environment-variable access.
pkgs/python/[email protected]/src/transformers/testing_utils.py:2871
            test = " ".join(os.environ.get("PYTEST_CURRENT_TEST").split(" ")[:-1])

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #5fe81e94d65f5cdc Environment-variable access.
pkgs/python/[email protected]/src/transformers/testing_utils.py:2873
                env = copy.deepcopy(os.environ)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #7c40c57b940f60bb Environment-variable access.
pkgs/python/[email protected]/src/transformers/testing_utils.py:2990
    skip_cuda_tests: bool = os.environ.get("SKIP_CUDA_DOCTEST", "0") == "1"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #1383e204641e0ed7 Environment-variable access.
pkgs/python/[email protected]/src/transformers/testing_utils.py:3228
    if "TRANSFORMERS_TEST_DEVICE_SPEC" in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #b9fe81b7134068e7 Environment-variable access.
pkgs/python/[email protected]/src/transformers/testing_utils.py:3229
        device_spec_path = os.environ["TRANSFORMERS_TEST_DEVICE_SPEC"]

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #3fc7aad62149d5c5 Environment-variable access.
pkgs/python/[email protected]/src/transformers/testing_utils.py:3252
        if "TRANSFORMERS_TEST_DEVICE" in os.environ and torch_device != device_name:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #e1f754c1a8fa6811 Environment-variable access.
pkgs/python/[email protected]/src/transformers/testing_utils.py:3453
    force_fullgraph = os.environ.get("TORCH_COMPILE_FORCE_FULLGRAPH", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #5e37a4ba395b19d7 Environment-variable access.
pkgs/python/[email protected]/src/transformers/testing_utils.py:3476
    full_test_name = os.environ.get("PYTEST_CURRENT_TEST", "").split(" ")[0]

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #9c5e6b8987cb33ec Filesystem access.
pkgs/python/[email protected]/src/transformers/testing_utils.py:3556
    with open(actual_test_file) as fp:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #1dcb4f5682e360ca Filesystem access.
pkgs/python/[email protected]/src/transformers/testing_utils.py:3562
    with open(caller_path) as fp:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #8af1e0991d0a0363 Environment-variable access.
pkgs/python/[email protected]/src/transformers/testing_utils.py:3650
    p = os.path.join(os.environ.get("_PATCHED_TESTING_METHODS_OUTPUT_DIR", ""), "captured_info.txt")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #a8e37d90a7e534ca Filesystem access.
pkgs/python/[email protected]/src/transformers/testing_utils.py:3652
    with open(p, "a") as fp:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #ad902c2adee6a4d3 Environment-variable access.
pkgs/python/[email protected]/src/transformers/testing_utils.py:3769
        if not os.environ.get("PYTEST_CURRENT_TEST", ""):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #51e92ae55e41c53a Environment-variable access.
pkgs/python/[email protected]/src/transformers/testing_utils.py:3806
            if os.getenv("CI") == "true":

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #56b3eb0aef1ef4ad Environment-variable access.
pkgs/python/[email protected]/src/transformers/testing_utils.py:3882
    p = os.path.join(os.environ.get("_PATCHED_TESTING_METHODS_OUTPUT_DIR", ""), "captured_info.txt")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #9c1cfffcccfa8232 Filesystem access.
pkgs/python/[email protected]/src/transformers/testing_utils.py:4236
    with open(file, "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f0edbcd662ad87ba Filesystem access.
pkgs/python/[email protected]/src/transformers/testing_utils.py:4241
    with open(file, "r") as fh:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #798b54763f58406b Filesystem access.
pkgs/python/[email protected]/src/transformers/testing_utils.py:4477
            with open(path) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #370fdd9ddbb94143 Filesystem access.
pkgs/python/[email protected]/src/transformers/testing_utils.py:4486
            with open(new_path, "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #ba5967b7f95741e3 Filesystem access.
pkgs/python/[email protected]/src/transformers/tokenization_python.py:1397
        with open(vocab_file, "w", encoding="utf-8") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #92ee4908935de8ff Filesystem access.
pkgs/python/[email protected]/src/transformers/tokenization_python.py:1406
        with open(merge_file, "w", encoding="utf-8") as writer:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #c8d164579953a153 Filesystem access.
pkgs/python/[email protected]/src/transformers/tokenization_utils_base.py:1661
                    with open(resolved_config_file, encoding="utf-8") as reader:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #196d009536825a0f Filesystem access.
pkgs/python/[email protected]/src/transformers/tokenization_utils_base.py:1780
            with open(tokenizer_config_file, encoding="utf-8") as tokenizer_config_handle:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #3de3c15533b60ca5 Filesystem access.
pkgs/python/[email protected]/src/transformers/tokenization_utils_base.py:1799
            with open(chat_template_file, encoding="utf-8") as chat_template_handle:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #a8af8d07929d8512 Filesystem access.
pkgs/python/[email protected]/src/transformers/tokenization_utils_base.py:1806
            with open(template_file) as chat_template_handle:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #e0dbb214b6d2d856 Filesystem access.
pkgs/python/[email protected]/src/transformers/tokenization_utils_base.py:1875
                with open(special_tokens_map_file, encoding="utf-8") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #751cd55ff18ef21f Filesystem access.
pkgs/python/[email protected]/src/transformers/tokenization_utils_base.py:1905
                with open(added_tokens_file, encoding="utf-8") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #a87f79877423869d Filesystem access.
pkgs/python/[email protected]/src/transformers/tokenization_utils_base.py:1918
                with open(tokenizer_file, encoding="utf-8") as tokenizer_file_handle:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #7bba9e2b9e6ab796 Filesystem access.
pkgs/python/[email protected]/src/transformers/tokenization_utils_base.py:2123
        with open(tokenizer_config_file, "w", encoding="utf-8") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #dfc57b48c2d7ec28 Filesystem access.
pkgs/python/[email protected]/src/transformers/tokenization_utils_base.py:2176
            with open(added_tokens_file, "w", encoding="utf-8") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #aeb98bc58d0879fe Filesystem access.
pkgs/python/[email protected]/src/transformers/tokenization_utils_base.py:3314
            with open(chat_template_file, "w", encoding="utf-8") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #d1f4ea4701d562c7 Filesystem access.
pkgs/python/[email protected]/src/transformers/tokenization_utils_base.py:3325
                    with open(chat_template_file, "w", encoding="utf-8") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #81f254d709590458 Filesystem access.
pkgs/python/[email protected]/src/transformers/tokenization_utils_base.py:3335
                    with open(template_filepath, "w", encoding="utf-8") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #a56f786b45b2dc6d Filesystem access.
pkgs/python/[email protected]/src/transformers/tokenization_utils_base.py:3608
            with open(resolved_vocab_file, "r", encoding="utf-8") as vf:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #199ac514c7e9aa3a Filesystem access.
pkgs/python/[email protected]/src/transformers/tokenization_utils_base.py:3634
                with open(resolved_vocab_txt, "r", encoding="utf-8") as vf:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #e43521e358850f23 Filesystem access.
pkgs/python/[email protected]/src/transformers/tokenization_utils_base.py:3660
            with open(resolved_merges_file, "r", encoding="utf-8") as mf:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #85773a20dea6cc5b Filesystem access.
pkgs/python/[email protected]/src/transformers/tokenization_utils_sentencepiece.py:260
            with open(out_vocab_file, "wb") as fi:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #62237fc82a83dcf0 Filesystem access.
pkgs/python/[email protected]/src/transformers/tokenization_utils_tokenizers.py:121
            with open(fast_tokenizer_file, encoding="utf-8") as tokenizer_handle:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #46cfe2a3868df88d Filesystem access.
pkgs/python/[email protected]/src/transformers/tokenization_utils_tokenizers.py:1335
                with open(_config_file, encoding="utf-8") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #e7fa1f8659b4adee Environment-variable access.
pkgs/python/[email protected]/src/transformers/trainer.py:2459
                model, device_ids=[int(os.getenv("SMDATAPARALLEL_LOCAL_RANK"))]

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #59a7b2846a5a2b65 Filesystem access.
pkgs/python/[email protected]/src/transformers/trainer.py:4016
        with open(model_card_filepath, "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #584a45b81c92ecce Filesystem access.
pkgs/python/[email protected]/src/transformers/trainer.py:4121
                with open(index_path) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #e18573edf4695117 Filesystem access.
pkgs/python/[email protected]/src/transformers/trainer_callback.py:146
        with open(json_path, "w", encoding="utf-8") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #e7d79d7c8d12c0bc Filesystem access.
pkgs/python/[email protected]/src/transformers/trainer_callback.py:152
        with open(json_path, encoding="utf-8") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #43d5e7ae71086926 Filesystem access.
pkgs/python/[email protected]/src/transformers/trainer_jit_checkpoint.py:60
            with open(sentinel_file, "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #3db8d1a2b24a4161 Filesystem access.
pkgs/python/[email protected]/src/transformers/trainer_pt_utils.py:943
    with open(path, "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #067e93057769526e Filesystem access.
pkgs/python/[email protected]/src/transformers/trainer_pt_utils.py:949
            with open(path) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #57a65fc789f46627 Filesystem access.
pkgs/python/[email protected]/src/transformers/trainer_pt_utils.py:955
        with open(path, "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #cb6b61497f00a11d Environment-variable access.
pkgs/python/[email protected]/src/transformers/trainer_utils.py:166
        os.environ["CUDA_LAUNCH_BLOCKING"] = "1"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f90fc88ebae57903 Environment-variable access.
pkgs/python/[email protected]/src/transformers/trainer_utils.py:167
        os.environ["CUBLAS_WORKSPACE_CONFIG"] = ":16:8"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #b4e83876243148e5 Environment-variable access.
pkgs/python/[email protected]/src/transformers/trainer_utils.py:169
        os.environ["ASCEND_LAUNCH_BLOCKING"] = "1"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #9983aa62078758ea Environment-variable access.
pkgs/python/[email protected]/src/transformers/trainer_utils.py:170
        os.environ["HCCL_DETERMINISTIC"] = "1"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #1b7816ac3f6d0ec6 Environment-variable access.
pkgs/python/[email protected]/src/transformers/trainer_utils.py:172
        os.environ["FLASH_ATTENTION_DETERMINISTIC"] = "1"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #b79c24fba84132ee Filesystem access.
pkgs/python/[email protected]/src/transformers/trainer_utils.py:1094
    with open(load_index, "r", encoding="utf-8") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #c43405cd0cad9121 Environment-variable access.
pkgs/python/[email protected]/src/transformers/training_args.py:86
    if os.environ.get("TORCHELASTIC_RUN_ID"):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #bfd3688c47a67da4 Environment-variable access.
pkgs/python/[email protected]/src/transformers/training_args.py:1554
        self.mixed_precision = os.environ.get("ACCELERATE_MIXED_PRECISION", "no")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #cad74b349d8e1e35 Environment-variable access.
pkgs/python/[email protected]/src/transformers/training_args.py:1572
                os.environ["ACCELERATE_DYNAMO_BACKEND"] = self.torch_compile_backend

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #ab689f3ca1a82271 Environment-variable access.
pkgs/python/[email protected]/src/transformers/training_args.py:1574
                    os.environ["ACCELERATE_DYNAMO_MODE"] = self.torch_compile_mode

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #28e307615148e216 Environment-variable access.
pkgs/python/[email protected]/src/transformers/training_args.py:1646
        elif strtobool(os.environ.get("ACCELERATE_USE_DEEPSPEED", "false")):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #7a745ef8ea4f5a42 Environment-variable access.
pkgs/python/[email protected]/src/transformers/training_args.py:1806
        if self.use_cpu or strtobool(os.environ.get("ACCELERATE_USE_CPU", "False")):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #efd51721c70a7aae Environment-variable access.
pkgs/python/[email protected]/src/transformers/training_args.py:1830
                os.environ["ACCELERATE_USE_DEEPSPEED"] = "true"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f17b63111b596f00 Environment-variable access.
pkgs/python/[email protected]/src/transformers/training_args.py:1833
                del os.environ["ACCELERATE_USE_DEEPSPEED"]

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #c89407408bf43226 Environment-variable access.
pkgs/python/[email protected]/src/transformers/training_args.py:1876
                    "cuda:0" if torch.cuda.is_available() else os.environ.get("ACCELERATE_TORCH_DEVICE", "cpu")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #b341c49d1208798b Filesystem access.
pkgs/python/[email protected]/src/transformers/training_args.py:2691
            with open(self.fsdp_config, encoding="utf-8") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #fb9119e70d0e6930 Environment-variable access.
pkgs/python/[email protected]/src/transformers/training_args.py:2758
        os.environ["FSDP_CPU_RAM_EFFICIENT_LOADING"] = cpu_ram_efficient_loading

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress dependency Excluded from app score #2ec2b771d7bb6549 Hardcoded external endpoint. Review what data is sent to this destination.
pkgs/python/[email protected]/src/transformers/utils/attention_visualizer.py:183
            img = Image.open(io.BytesIO(httpx.get(img, follow_redirects=True).content))

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs dependency Excluded from app score #4c320fb4b7aaa305 Filesystem access.
pkgs/python/[email protected]/src/transformers/utils/generic.py:379
        with open(json_file, encoding="utf-8") as reader:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #a08dd1f7186f572e Filesystem access.
pkgs/python/[email protected]/src/transformers/utils/generic.py:862
        with open(pretrained_model_path) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #446075ef4b450e33 Filesystem access.
pkgs/python/[email protected]/src/transformers/utils/generic.py:868
        with open(os.path.join(pretrained_model_path, "config.json")) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #c1de4b3340dbc960 Environment-variable access.
pkgs/python/[email protected]/src/transformers/utils/hub.py:107
HF_MODULES_CACHE = os.getenv("HF_MODULES_CACHE", os.path.join(constants.HF_HOME, "modules"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #d5426ec4994b9e3f Environment-variable access.
pkgs/python/[email protected]/src/transformers/utils/hub.py:178
        instance_data = httpx.get(os.environ["ECS_CONTAINER_METADATA_URI"]).json()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #fae66135fc5531fa Environment-variable access.
pkgs/python/[email protected]/src/transformers/utils/hub.py:185
    sagemaker_params = json.loads(os.getenv("SM_FRAMEWORK_PARAMS", "{}"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #62ca0af47327a876 Environment-variable access.
pkgs/python/[email protected]/src/transformers/utils/hub.py:187
    training_job_arn = os.getenv("TRAINING_JOB_ARN")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #282f87c20a89664b Environment-variable access.
pkgs/python/[email protected]/src/transformers/utils/hub.py:191
        "sm_framework": os.getenv("SM_FRAMEWORK_MODULE", None),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #a4b2676e48c2dfc7 Environment-variable access.
pkgs/python/[email protected]/src/transformers/utils/hub.py:192
        "sm_region": os.getenv("AWS_REGION", None),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #8c9fa90f693c9df2 Environment-variable access.
pkgs/python/[email protected]/src/transformers/utils/hub.py:193
        "sm_number_gpu": os.getenv("SM_NUM_GPUS", "0"),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #06418a4c275a543f Environment-variable access.
pkgs/python/[email protected]/src/transformers/utils/hub.py:194
        "sm_number_cpu": os.getenv("SM_NUM_CPUS", "0"),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #0020fc03b083bc50 Environment-variable access.
pkgs/python/[email protected]/src/transformers/utils/hub.py:215
    if os.environ.get("TRANSFORMERS_IS_CI", "").upper() in ENV_VARS_TRUE_VALUES:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #14e3fc189aafa382 Filesystem access.
pkgs/python/[email protected]/src/transformers/utils/hub.py:879
    with open(index_filename) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #49593ead79cbaa4c Environment-variable access.
pkgs/python/[email protected]/src/transformers/utils/import_utils.py:118
    return os.getenv(env_variable, "false").lower() in ("true", "1", "y", "yes", "on")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #bcbf583ca890095b Environment-variable access.
pkgs/python/[email protected]/src/transformers/utils/import_utils.py:123
    return os.getenv(env_variable, "true").lower() in ("false", "0", "n", "no", "off")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #d3eec155546e72fb Environment-variable access.
pkgs/python/[email protected]/src/transformers/utils/import_utils.py:130
USE_TORCH_XLA = os.environ.get("USE_TORCH_XLA", "1").upper()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #4e155ee6037ccccb Environment-variable access.
pkgs/python/[email protected]/src/transformers/utils/import_utils.py:347
    pytorch_cndev_based_mlu_check_previous_value = os.environ.get("PYTORCH_CNDEV_BASED_MLU_CHECK")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #30ade3c41b7be1aa Environment-variable access.
pkgs/python/[email protected]/src/transformers/utils/import_utils.py:349
        os.environ["PYTORCH_CNDEV_BASED_MLU_CHECK"] = str(1)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f86d4cf2c69caa40 Environment-variable access.
pkgs/python/[email protected]/src/transformers/utils/import_utils.py:353
            os.environ["PYTORCH_CNDEV_BASED_MLU_CHECK"] = pytorch_cndev_based_mlu_check_previous_value

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #e47f43257c7b7c76 Environment-variable access.
pkgs/python/[email protected]/src/transformers/utils/import_utils.py:355
            os.environ.pop("PYTORCH_CNDEV_BASED_MLU_CHECK", None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f9cae50fef6e6ba2 Environment-variable access.
pkgs/python/[email protected]/src/transformers/utils/import_utils.py:425
    if os.environ.get("PT_HPU_LAZY_MODE", "1") == "1":

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #082e246ea66fc3e6 Environment-variable access.
pkgs/python/[email protected]/src/transformers/utils/import_utils.py:1603
    if os.getenv("TRANSFORMERS_DISABLE_TORCH_CHECK", "0") == "1":

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #1c9cd7d593d75aea Environment-variable access.
pkgs/python/[email protected]/src/transformers/utils/import_utils.py:1652
        if "DATABRICKS_RUNTIME_VERSION" in os.environ and os.environ["DATABRICKS_RUNTIME_VERSION"] < "11.0":

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #2f9906530a82ff62 Environment-variable access.
pkgs/python/[email protected]/src/transformers/utils/import_utils.py:1664
    sagemaker_params = os.getenv("SM_FRAMEWORK_PARAMS", "{}")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f3e0b2da53e65545 Environment-variable access.
pkgs/python/[email protected]/src/transformers/utils/import_utils.py:1678
    smp_options = os.getenv("SM_HP_MP_PARAMETERS", "{}")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #d32ce4414f17f137 Environment-variable access.
pkgs/python/[email protected]/src/transformers/utils/import_utils.py:1688
    mpi_options = os.getenv("SM_FRAMEWORK_PARAMS", "{}")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #78725c581322f9f7 Environment-variable access.
pkgs/python/[email protected]/src/transformers/utils/import_utils.py:1701
    return "SAGEMAKER_JOB_NAME" in os.environ

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #29885f6938be1eaf Filesystem access.
pkgs/python/[email protected]/src/transformers/utils/import_utils.py:2813
        with open(os.path.join(module_path, module_name), encoding="utf-8") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #528fbe09f03e0c04 Environment-variable access.
pkgs/python/[email protected]/src/transformers/utils/logging.py:64
    env_level_str = os.getenv("TRANSFORMERS_VERBOSITY", None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #379e63c54a801f2e Filesystem access.
pkgs/python/[email protected]/src/transformers/utils/logging.py:94
            sys.stderr = open(os.devnull, "w")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #756c29dfccc3d417 Environment-variable access.
pkgs/python/[email protected]/src/transformers/utils/logging.py:108
        if os.getenv("TRANSFORMERS_VERBOSITY", None) == "detail":

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #4dddae203b744dd3 Environment-variable access.
pkgs/python/[email protected]/src/transformers/utils/logging.py:114
        ci = os.getenv("CI")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #0f5263e08c0f8309 Environment-variable access.
pkgs/python/[email protected]/src/transformers/utils/logging.py:322
    no_advisory_warnings = os.getenv("TRANSFORMERS_NO_ADVISORY_WARNINGS")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #2650b58b7da7a9dc Filesystem access.
pkgs/python/[email protected]/src/transformers/utils/network_logging.py:172
        Path(dump_path).write_text(json.dumps(records), encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #41502230b9332921 Filesystem access.
pkgs/python/[email protected]/src/transformers/utils/network_logging.py:182
                records = json.loads(Path(record_file).read_text(encoding="utf-8"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #7b9c757c3b30fe28 Filesystem access.
pkgs/python/[email protected]/src/transformers/utils/network_logging.py:327
        report_path.write_text(json.dumps(self.build_report(), indent=2, sort_keys=True), encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #3298ca3a0175168d Environment-variable access.
pkgs/python/[email protected]/src/transformers/utils/network_logging.py:338
    enabled_raw = os.environ.get("NETWORK_DEBUG_REPORT", "").strip()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #8d514b50e80ed09b Environment-variable access.
pkgs/python/[email protected]/src/transformers/utils/network_logging.py:344
    output_path = os.environ.get("NETWORK_DEBUG_REPORT_PATH", "").strip() or _DEFAULT_REPORT_PATH

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #c5ab6f5ad4ae0c56 Environment-variable access.
pkgs/python/[email protected]/src/transformers/utils/notebook.py:128
        if "VSCODE_PID" in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #fa735fbf1321b843 Filesystem access.
pkgs/python/[email protected]/src/transformers/utils/pytest_helpers.py:39
    data = json.loads(p.read_text())

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #d3a034ef5c44aee7 Filesystem access.
pkgs/python/[email protected]/src/transformers/utils/quantization_config.py:144
        with open(json_file_path, "w", encoding="utf-8") as writer:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #2c0801bf8e047a51 Filesystem access.
pkgs/python/[email protected]/src/transformers/video_processing_utils.py:769
        with open(json_file_path, "w", encoding="utf-8") as writer:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #1ad6ea7423751bb0 Filesystem access.
pkgs/python/[email protected]/src/transformers/video_processing_utils.py:789
        with open(json_file, "r", encoding="utf-8") as reader:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

langchain-mistralai

python dependency
high pii_flow dependency Excluded from app score #cd664dd4aad452bb User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
pkgs/python/[email protected]/langchain_mistralai/chat_models.py:729 · flow /tmp/closeopen-uhn6nk5u/pkgs/python/[email protected]/langchain_mistralai/chat_models.py:724 → /tmp/closeopen-uhn6nk5u/pkgs/python/[email protected]/langchain_mistralai/chat_models.py:729
            self.client = httpx.Client(
                base_url=base_url_str,
                headers={
                    "Content-Type": "application/json",
                    "Accept": "application/json",
                    "Authorization": f"Bearer {api_key_str}",
                },
                timeout=self.timeout,
                verify=global_ssl_context,
            )

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow dependency Excluded from app score #a1b976c82278c1e7 User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
pkgs/python/[email protected]/langchain_mistralai/chat_models.py:741 · flow /tmp/closeopen-uhn6nk5u/pkgs/python/[email protected]/langchain_mistralai/chat_models.py:724 → /tmp/closeopen-uhn6nk5u/pkgs/python/[email protected]/langchain_mistralai/chat_models.py:741
            self.async_client = httpx.AsyncClient(
                base_url=base_url_str,
                headers={
                    "Content-Type": "application/json",
                    "Accept": "application/json",
                    "Authorization": f"Bearer {api_key_str}",
                },
                timeout=self.timeout,
                verify=global_ssl_context,
            )

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

expand_more 3 low-confidence finding(s)
low env_fs dependency Excluded from app score #423d61f3dc850f3f Environment-variable access.
pkgs/python/[email protected]/langchain_mistralai/chat_models.py:724
            or os.environ.get("MISTRAL_BASE_URL")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #c81d9dab002196f5 Filesystem access.
pkgs/python/[email protected]/scripts/check_version.py:15
    content = pyproject_path.read_text(encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #8535585cfcb7068b Filesystem access.
pkgs/python/[email protected]/scripts/check_version.py:22
    content = version_path.read_text(encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

openai

python dependency
high pii_flow dependency Excluded from app score #11f33eca803e16ef User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
pkgs/python/[email protected]/src/openai/lib/azure.py:278 · flow /tmp/closeopen-uhn6nk5u/pkgs/python/[email protected]/src/openai/lib/azure.py:239 → /tmp/closeopen-uhn6nk5u/pkgs/python/[email protected]/src/openai/lib/azure.py:278
        self._azure_endpoint = httpx.URL(azure_endpoint) if azure_endpoint else None

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow dependency Excluded from app score #4610938f1cb7152c User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
pkgs/python/[email protected]/src/openai/lib/azure.py:602 · flow /tmp/closeopen-uhn6nk5u/pkgs/python/[email protected]/src/openai/lib/azure.py:563 → /tmp/closeopen-uhn6nk5u/pkgs/python/[email protected]/src/openai/lib/azure.py:602
        self._azure_endpoint = httpx.URL(azure_endpoint) if azure_endpoint else None

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

expand_more 63 low-confidence finding(s)
low env_fs tooling Excluded from app score unreachable #301c174464db9ab8 Filesystem access.
pkgs/python/[email protected]/examples/image_stream.py:30
            with open(filename, "wb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #6807dc565c5b7270 Filesystem access.
pkgs/python/[email protected]/examples/image_stream.py:41
            with open(filename, "wb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #2833325c6b595d47 Environment-variable access.
pkgs/python/[email protected]/examples/realtime/azure_realtime.py:31
    endpoint = os.environ["AZURE_OPENAI_ENDPOINT"]

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #1a88f1975575b32c Environment-variable access.
pkgs/python/[email protected]/examples/realtime/azure_realtime.py:37
    deployment_name = os.environ["AZURE_OPENAI_DEPLOYMENT_NAME"]

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #994d910b690097fd Filesystem access.
pkgs/python/[email protected]/examples/uploads.py:30
    data = file.read_bytes()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #ebdb67da48847929 Environment-variable access.
pkgs/python/[email protected]/src/openai/__init__.py:158
api_type: _ApiType | None = _t.cast(_ApiType, _os.environ.get("OPENAI_API_TYPE"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #b8312aff345180c9 Environment-variable access.
pkgs/python/[email protected]/src/openai/__init__.py:160
api_version: str | None = _os.environ.get("OPENAI_API_VERSION")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #561b15e867d7d6c0 Environment-variable access.
pkgs/python/[email protected]/src/openai/__init__.py:162
azure_endpoint: str | None = _os.environ.get("AZURE_OPENAI_ENDPOINT")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #14bb627b36169803 Environment-variable access.
pkgs/python/[email protected]/src/openai/__init__.py:164
azure_ad_token: str | None = _os.environ.get("AZURE_OPENAI_AD_TOKEN")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #36253e35bb6bf511 Environment-variable access.
pkgs/python/[email protected]/src/openai/__init__.py:338
    return _os.environ.get("OPENAI_API_KEY") is not None

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #478962ea26d3e8c1 Environment-variable access.
pkgs/python/[email protected]/src/openai/__init__.py:342
    return azure_endpoint is not None or _os.environ.get("AZURE_OPENAI_API_KEY") is not None

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #6a00a2d3f3481a25 Environment-variable access.
pkgs/python/[email protected]/src/openai/__init__.py:347
        _os.environ.get("AZURE_OPENAI_AD_TOKEN") is not None

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f7967cb84acf4813 Environment-variable access.
pkgs/python/[email protected]/src/openai/__init__.py:363
            azure_endpoint = _os.environ.get("AZURE_OPENAI_ENDPOINT")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #d3f74a903ce8e281 Environment-variable access.
pkgs/python/[email protected]/src/openai/__init__.py:366
            azure_ad_token = _os.environ.get("AZURE_OPENAI_AD_TOKEN")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #bf8c19871be92965 Environment-variable access.
pkgs/python/[email protected]/src/openai/__init__.py:369
            api_version = _os.environ.get("OPENAI_API_VERSION")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #6d8b82718d15a3c5 Environment-variable access.
pkgs/python/[email protected]/src/openai/__init__.py:379
            if (azure_ad_token is not None or azure_ad_token_provider is not None) and _os.environ.get(

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #0feb9fa8a27f454b Environment-variable access.
pkgs/python/[email protected]/src/openai/__init__.py:379
            if (azure_ad_token is not None or azure_ad_token_provider is not None) and _os.environ.get(
                "AZURE_OPENAI_API_KEY"
            ) is not None:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #6a003daa808cad39 Environment-variable access.
pkgs/python/[email protected]/src/openai/_client.py:209
                api_key = os.environ.get("OPENAI_API_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #fc865fa7ad340ae9 Environment-variable access.
pkgs/python/[email protected]/src/openai/_client.py:219
            admin_api_key = os.environ.get("OPENAI_ADMIN_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #871a9ef862ad2013 Environment-variable access.
pkgs/python/[email protected]/src/openai/_client.py:235
            organization = os.environ.get("OPENAI_ORG_ID")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #0e44d7e620ee06c7 Environment-variable access.
pkgs/python/[email protected]/src/openai/_client.py:239
            project = os.environ.get("OPENAI_PROJECT_ID")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #a3ac912ba9ce14a9 Environment-variable access.
pkgs/python/[email protected]/src/openai/_client.py:243
            webhook_secret = os.environ.get("OPENAI_WEBHOOK_SECRET")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #19442f50892b67e3 Environment-variable access.
pkgs/python/[email protected]/src/openai/_client.py:251
            base_url = os.environ.get("OPENAI_BASE_URL")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #01b55d73025332de Environment-variable access.
pkgs/python/[email protected]/src/openai/_client.py:255
        custom_headers_env = os.environ.get("OPENAI_CUSTOM_HEADERS") if provider_runtime is None else None

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #3a9af97570aa0cfc Environment-variable access.
pkgs/python/[email protected]/src/openai/_client.py:805
                api_key = os.environ.get("OPENAI_API_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #892e601f29fef53a Environment-variable access.
pkgs/python/[email protected]/src/openai/_client.py:815
            admin_api_key = os.environ.get("OPENAI_ADMIN_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #45f2f91b06e2defe Environment-variable access.
pkgs/python/[email protected]/src/openai/_client.py:831
            organization = os.environ.get("OPENAI_ORG_ID")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #eb551562deecf727 Environment-variable access.
pkgs/python/[email protected]/src/openai/_client.py:835
            project = os.environ.get("OPENAI_PROJECT_ID")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #ceb08d5d1c3e4fe6 Environment-variable access.
pkgs/python/[email protected]/src/openai/_client.py:839
            webhook_secret = os.environ.get("OPENAI_WEBHOOK_SECRET")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #bf475431ab4e8ecf Environment-variable access.
pkgs/python/[email protected]/src/openai/_client.py:847
            base_url = os.environ.get("OPENAI_BASE_URL")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #05bb1eed6475aeaa Environment-variable access.
pkgs/python/[email protected]/src/openai/_client.py:851
        custom_headers_env = os.environ.get("OPENAI_CUSTOM_HEADERS") if provider_runtime is None else None

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #299038ec962bbb64 Filesystem access.
pkgs/python/[email protected]/src/openai/_files.py:69
            return (path.name, path.read_bytes())

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #b11f9f0e9740fc74 Filesystem access.
pkgs/python/[email protected]/src/openai/_files.py:81
        return pathlib.Path(file).read_bytes()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #50349c122b6852f9 Filesystem access.
pkgs/python/[email protected]/src/openai/_files.py:111
            return (path.name, await path.read_bytes())

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #b94540158d547351 Filesystem access.
pkgs/python/[email protected]/src/openai/_files.py:123
        return await anyio.Path(file).read_bytes()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #e68a96278243fde1 Filesystem access.
pkgs/python/[email protected]/src/openai/_legacy_response.py:441
        with open(file, mode="wb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #33fc324bb360f624 Filesystem access.
pkgs/python/[email protected]/src/openai/_legacy_response.py:454
        with open(file, mode="wb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #13a4fa7545a2d241 Environment-variable access.
pkgs/python/[email protected]/src/openai/_models.py:129
            extra="allow", defer_build=coerce_boolean(os.environ.get("DEFER_PYDANTIC_BUILD", "true"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #d54df9fa154891a8 Filesystem access.
pkgs/python/[email protected]/src/openai/_response.py:513
        with open(file, mode="wb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #b62a61c6ab234837 Filesystem access.
pkgs/python/[email protected]/src/openai/_response.py:555
        with open(file, mode="wb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #3a9cc33343941a0f Environment-variable access.
pkgs/python/[email protected]/src/openai/_utils/_logs.py:23
    env = os.environ.get("OPENAI_LOG")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #cab6d29b58da8b99 Filesystem access.
pkgs/python/[email protected]/src/openai/_utils/_transform.py:248
            binary = data.read_bytes()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #71e634b62dc4c82d Filesystem access.
pkgs/python/[email protected]/src/openai/_utils/_transform.py:414
            binary = await anyio.Path(data).read_bytes()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #584792b68d0fc0ab Filesystem access.
pkgs/python/[email protected]/src/openai/_utils/_utils.py:383
    contents = Path(path).read_bytes()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #be1151c4a815d8d2 Filesystem access.
pkgs/python/[email protected]/src/openai/auth/_workload.py:58
            with open(token_file_path, "r") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #3bab7e927a20ca4c Environment-variable access.
pkgs/python/[email protected]/src/openai/lib/_bedrock_auth.py:172
        region = os.environ.get("AWS_REGION") or os.environ.get("AWS_DEFAULT_REGION")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #723409ceca2164b3 Filesystem access.
pkgs/python/[email protected]/src/openai/lib/_validators.py:485
                with open(fname, "r") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f43796060f9b4e33 Environment-variable access.
pkgs/python/[email protected]/src/openai/lib/azure.py:214
            api_key = os.environ.get("AZURE_OPENAI_API_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #d2dd73beb2738de7 Environment-variable access.
pkgs/python/[email protected]/src/openai/lib/azure.py:217
            azure_ad_token = os.environ.get("AZURE_OPENAI_AD_TOKEN")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #40f75ab004805168 Environment-variable access.
pkgs/python/[email protected]/src/openai/lib/azure.py:225
            api_version = os.environ.get("OPENAI_API_VERSION")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #21dbdecbae599313 Environment-variable access.
pkgs/python/[email protected]/src/openai/lib/azure.py:239
                azure_endpoint = os.environ.get("AZURE_OPENAI_ENDPOINT")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #3120565536d73024 Environment-variable access.
pkgs/python/[email protected]/src/openai/lib/azure.py:538
            api_key = os.environ.get("AZURE_OPENAI_API_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #8b37502f1b56d8aa Environment-variable access.
pkgs/python/[email protected]/src/openai/lib/azure.py:541
            azure_ad_token = os.environ.get("AZURE_OPENAI_AD_TOKEN")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #e04c4724a6065f57 Environment-variable access.
pkgs/python/[email protected]/src/openai/lib/azure.py:549
            api_version = os.environ.get("OPENAI_API_VERSION")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #1478ab1df5b8cc41 Environment-variable access.
pkgs/python/[email protected]/src/openai/lib/azure.py:563
                azure_endpoint = os.environ.get("AZURE_OPENAI_ENDPOINT")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #649ea0160c9f925c Environment-variable access.
pkgs/python/[email protected]/src/openai/lib/bedrock.py:70
    configured = region or os.environ.get("AWS_REGION") or os.environ.get("AWS_DEFAULT_REGION")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #bb171fdc6d8eb98c Environment-variable access.
pkgs/python/[email protected]/src/openai/lib/bedrock.py:80
    environment_base_url = os.environ.get("AWS_BEDROCK_BASE_URL")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #de4483bdf9dbcbdf Environment-variable access.
pkgs/python/[email protected]/src/openai/lib/bedrock.py:105
    token = os.environ.get("AWS_BEARER_TOKEN_BEDROCK")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #7cc1ad421aa1fdb3 Environment-variable access.
pkgs/python/[email protected]/src/openai/lib/bedrock.py:150
    environment_token = os.environ.get("AWS_BEARER_TOKEN_BEDROCK")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #86827f10edf3e9c4 Environment-variable access.
pkgs/python/[email protected]/src/openai/providers/bedrock.py:248
            token = os.environ.get("AWS_BEARER_TOKEN_BEDROCK")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #4407a1b533082296 Environment-variable access.
pkgs/python/[email protected]/src/openai/providers/bedrock.py:331
            os.environ.get("AWS_REGION") or os.environ.get("AWS_DEFAULT_REGION")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #a64b24ffe8f59a30 Environment-variable access.
pkgs/python/[email protected]/src/openai/providers/bedrock.py:338
        environment_base_url = _normalize_optional_string(os.environ.get("AWS_BEDROCK_BASE_URL"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #0da89b178af30cb4 Environment-variable access.
pkgs/python/[email protected]/src/openai/providers/bedrock.py:391
        and bool(os.environ.get("AWS_BEARER_TOKEN_BEDROCK"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

smolagents

python dependency
high pii_flow dependency Excluded from app score #e042bce21f42f35b User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
pkgs/python/[email protected]/src/smolagents/default_tools.py:210 · flow /tmp/closeopen-uhn6nk5u/pkgs/python/[email protected]/src/smolagents/default_tools.py:196 → /tmp/closeopen-uhn6nk5u/pkgs/python/[email protected]/src/smolagents/default_tools.py:210
        response = requests.get(base_url, params=params)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

high pii_flow dependency Excluded from app score #5cc13cdb8cf5e2fa User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
pkgs/python/[email protected]/src/smolagents/default_tools.py:465 · flow /tmp/closeopen-uhn6nk5u/pkgs/python/[email protected]/src/smolagents/default_tools.py:461 → /tmp/closeopen-uhn6nk5u/pkgs/python/[email protected]/src/smolagents/default_tools.py:465
        response = requests.post(
            "https://api.exa.ai/search",
            headers={
                "x-api-key": api_key,
                "Content-Type": "application/json",
                "x-exa-integration": "smolagents",
            },
            json={
                "query": query,
                "numResults": self.max_results,
                "contents": {"highlights": True},
            },
            timeout=getattr(self, "timeout", 30),
        )

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

expand_more 22 low-confidence finding(s)
low env_fs dependency Excluded from app score #7884d63e0536dcf3 Filesystem access.
pkgs/python/[email protected]/src/smolagents/agents.py:936
        with open(os.path.join(output_dir, "prompts.yaml"), "w", encoding="utf-8") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #352f7c975de8319c Filesystem access.
pkgs/python/[email protected]/src/smolagents/agents.py:943
        with open(os.path.join(output_dir, "agent.json"), "w", encoding="utf-8") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #5aeabce459c3bb23 Filesystem access.
pkgs/python/[email protected]/src/smolagents/agents.py:947
        with open(os.path.join(output_dir, "requirements.txt"), "w", encoding="utf-8") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #c381b4db003ec188 Filesystem access.
pkgs/python/[email protected]/src/smolagents/agents.py:967
        with open(os.path.join(output_dir, "app.py"), "w", encoding="utf-8") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #2084261bcb653f42 Filesystem access.
pkgs/python/[email protected]/src/smolagents/agents.py:1128
        agent_dict = json.loads((folder / "agent.json").read_text())

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #ca655fb8b5b67b82 Filesystem access.
pkgs/python/[email protected]/src/smolagents/agents.py:1150
            tool_code = (folder / "tools" / f"{tool_name}.py").read_text()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #d501ca2a82b60ace Filesystem access.
pkgs/python/[email protected]/src/smolagents/agents.py:1242
            importlib.resources.files("smolagents.prompts").joinpath("toolcalling_agent.yaml").read_text()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #5025e3d301d64fab Filesystem access.
pkgs/python/[email protected]/src/smolagents/agents.py:1549
                importlib.resources.files("smolagents.prompts").joinpath("structured_code_agent.yaml").read_text()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #57aa20fa1f4e6033 Filesystem access.
pkgs/python/[email protected]/src/smolagents/agents.py:1553
                importlib.resources.files("smolagents.prompts").joinpath("code_agent.yaml").read_text()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #467fef929411e253 Environment-variable access.
pkgs/python/[email protected]/src/smolagents/cli.py:197
            api_key=api_key or os.getenv("FIREWORKS_API_KEY"),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #4a089c3bb6dbb50e Environment-variable access.
pkgs/python/[email protected]/src/smolagents/cli.py:212
            token=api_key or os.getenv("HF_API_KEY"),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #fd314b039410b25f Environment-variable access.
pkgs/python/[email protected]/src/smolagents/default_tools.py:186
        self.api_key = os.getenv(api_key_env_name)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #86ec7ea1b9617a4c Environment-variable access.
pkgs/python/[email protected]/src/smolagents/default_tools.py:292
        self.api_key = api_key or os.getenv(self.api_key_name)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress dependency Excluded from app score #ebdfd79934130041 Hardcoded external endpoint. Review what data is sent to this destination.
pkgs/python/[email protected]/src/smolagents/default_tools.py:377
        response = requests.get(
            "https://lite.duckduckgo.com/lite/",
            params={"q": query},
            headers={"User-Agent": "Mozilla/5.0"},
        )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low egress dependency Excluded from app score #091b68cf1d944359 Hardcoded external endpoint. Review what data is sent to this destination.
pkgs/python/[email protected]/src/smolagents/default_tools.py:438
        response = requests.get(
            "https://www.bing.com/search",
            params={"q": query, "format": "rss"},
        )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs dependency Excluded from app score #7393bacc034cd72c Environment-variable access.
pkgs/python/[email protected]/src/smolagents/default_tools.py:461
        api_key = os.getenv("EXA_API_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress dependency Excluded from app score #2d36a2b9f6596697 Hardcoded external endpoint. Review what data is sent to this destination.
pkgs/python/[email protected]/src/smolagents/default_tools.py:465
        response = requests.post(
            "https://api.exa.ai/search",
            headers={
                "x-api-key": api_key,
                "Content-Type": "application/json",
                "x-exa-integration": "smolagents",
            },
            json={
                "query": query,
                "numResults": self.max_results,
                "contents": {"highlights": True},
            },
            timeout=getattr(self, "timeout", 30),
        )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs dependency Excluded from app score #69f9a830ed8151a3 Environment-variable access.
pkgs/python/[email protected]/src/smolagents/models.py:1535
            token = os.getenv("HF_TOKEN")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #3bef938bc4508e9b Filesystem access.
pkgs/python/[email protected]/src/smolagents/pyodide_deno_executor.bak.py:104
        with open(self.runner_path, "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #023677c05637ee88 Filesystem access.
pkgs/python/[email protected]/src/smolagents/tools.py:419
        file_path.write_text(content, encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #e05deb4dfe5e6dcf Filesystem access.
pkgs/python/[email protected]/src/smolagents/tools.py:568
        tool_code = Path(tool_file).read_text()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #417c9c98ca05f62c Filesystem access.
pkgs/python/[email protected]/src/smolagents/utils.py:443
    with open(os.path.join(folder, "__init__.py"), "w"):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

mcp

python dependency
high pii_flow dependency Excluded from app score #9f29bc0497cd7007 User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration.
pkgs/python/[email protected]/src/mcp/client/auth/oauth2.py:452 · flow /tmp/closeopen-uhn6nk5u/pkgs/python/[email protected]/src/mcp/client/auth/oauth2.py:433 → /tmp/closeopen-uhn6nk5u/pkgs/python/[email protected]/src/mcp/client/auth/oauth2.py:452
        return httpx.Request("POST", token_url, data=refresh_data, headers=headers)

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

expand_more 31 low-confidence finding(s)
low env_fs tooling Excluded from app score unreachable #39ed005bf79f96f0 Environment-variable access.
pkgs/python/[email protected]/.github/actions/conformance/client.py:72
    context_json = os.environ.get("MCP_CONFORMANCE_CONTEXT")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #54b012a616a3702b Environment-variable access.
pkgs/python/[email protected]/.github/actions/conformance/client.py:281
    context_json = os.environ.get("MCP_CONFORMANCE_CONTEXT")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #60c43fe1152e4fe2 Environment-variable access.
pkgs/python/[email protected]/.github/actions/conformance/client.py:349
    scenario = os.environ.get("MCP_CONFORMANCE_SCENARIO")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #bbedba4800f29b17 Environment-variable access.
pkgs/python/[email protected]/examples/clients/conformance-auth-client/mcp_conformance_auth_client/__init__.py:50
    context_json = os.environ.get("MCP_CONFORMANCE_CONTEXT")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #4a880228c545f1dd Environment-variable access.
pkgs/python/[email protected]/examples/clients/simple-auth-client/mcp_simple_auth_client/main.py:343
    server_url = os.getenv("MCP_SERVER_PORT", 8000)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #5d927a7b86bab532 Environment-variable access.
pkgs/python/[email protected]/examples/clients/simple-auth-client/mcp_simple_auth_client/main.py:344
    transport_type = os.getenv("MCP_TRANSPORT_TYPE", "streamable-http")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #e8bc9fab1764595c Environment-variable access.
pkgs/python/[email protected]/examples/clients/simple-auth-client/mcp_simple_auth_client/main.py:345
    client_metadata_url = os.getenv("MCP_CLIENT_METADATA_URL")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #2b0c63584b086ce7 Environment-variable access.
pkgs/python/[email protected]/examples/clients/simple-chatbot/mcp_simple_chatbot/main.py:24
        self.api_key = os.getenv("LLM_API_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #3514fa0342fe3ac8 Filesystem access.
pkgs/python/[email protected]/examples/clients/simple-chatbot/mcp_simple_chatbot/main.py:45
        with open(file_path, "r") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #b526a9ac7a17fbdd Environment-variable access.
pkgs/python/[email protected]/examples/clients/simple-chatbot/mcp_simple_chatbot/main.py:83
            env={**os.environ, **self.config["env"]} if self.config.get("env") else None,

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #e5351f2c7f2b33e4 Filesystem access.
pkgs/python/[email protected]/examples/fastmcp/icons_demo.py:14
icon_data = base64.standard_b64encode(icon_path.read_bytes()).decode()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #6814a51a0bd3e4f8 Environment-variable access.
pkgs/python/[email protected]/examples/fastmcp/memory.py:52
PROFILE_DIR = (Path.home() / ".fastmcp" / os.environ.get("USER", "anon") / "memory").resolve()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #dce44ce9c792546c Environment-variable access.
pkgs/python/[email protected]/examples/snippets/clients/completion_client.py:17
    env={"UV_INDEX": os.environ.get("UV_INDEX", "")},

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #62691be79486dbb7 Environment-variable access.
pkgs/python/[email protected]/examples/snippets/clients/display_utilities.py:17
    env={"UV_INDEX": os.environ.get("UV_INDEX", "")},

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #1c4b0832d7620b18 Environment-variable access.
pkgs/python/[email protected]/examples/snippets/clients/stdio_client.py:19
    env={"UV_INDEX": os.environ.get("UV_INDEX", "")},

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #56a09eebcba3f5d0 Filesystem access.
pkgs/python/[email protected]/examples/snippets/servers/binary_resources.py:9
    with open("logo.png", "rb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #1669121282b5c273 Filesystem access.
pkgs/python/[email protected]/examples/snippets/servers/embedded_resource_results.py:10
    with open(path) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #7e0cc00d23e0dd07 Filesystem access.
pkgs/python/[email protected]/examples/snippets/servers/embedded_resource_results_binary.py:12
    with open(path, "rb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #aa91d90f5a2622e9 Filesystem access.
pkgs/python/[email protected]/examples/snippets/servers/prompt_embedded_resources.py:11
    file_content = open(filename).read()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #4b730019246f45ac Filesystem access.
pkgs/python/[email protected]/examples/snippets/servers/tool_errors.py:27
    with open(path) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #17f89b40e73a01d5 Filesystem access.
pkgs/python/[email protected]/scripts/update_doc_snippets.py:53
        code = file.read_text().rstrip()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #5d9a777b51d0d608 Filesystem access.
pkgs/python/[email protected]/scripts/update_doc_snippets.py:109
    content = doc_path.read_text()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #a137376874f1028e Filesystem access.
pkgs/python/[email protected]/scripts/update_doc_snippets.py:134
            doc_path.write_text(updated_content)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #6eecb4d969a47a83 Environment-variable access.
pkgs/python/[email protected]/src/mcp/cli/claude.py:24
        path = Path(os.environ.get("XDG_CONFIG_HOME", Path.home() / ".config"), "Claude")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #ad91c2045fb3ce21 Filesystem access.
pkgs/python/[email protected]/src/mcp/cli/claude.py:77
            config_file.write_text("{}")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #635a0d937de7fdcf Filesystem access.
pkgs/python/[email protected]/src/mcp/cli/claude.py:88
        config = json.loads(config_file.read_text())

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #836601e829db9e05 Filesystem access.
pkgs/python/[email protected]/src/mcp/cli/claude.py:135
        config_file.write_text(json.dumps(config, indent=2))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #7767091d6dea547d Environment-variable access.
pkgs/python/[email protected]/src/mcp/cli/cli.py:282
            env=dict(os.environ.items()),  # Convert to list of tuples for env update

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #e4157556e3236650 Environment-variable access.
pkgs/python/[email protected]/src/mcp/client/stdio/__init__.py:59
        value = os.environ.get(key)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #e8b687e8b58bd2f8 Filesystem access.
pkgs/python/[email protected]/src/mcp/server/fastmcp/utilities/types.py:47
            with open(self.path, "rb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #33d604111ef3fa47 Filesystem access.
pkgs/python/[email protected]/src/mcp/server/fastmcp/utilities/types.py:94
            with open(self.path, "rb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

sentry-sdk

python dependency
medium telemetry dependency Excluded from app score #8adb6bc2bcf7c8fb Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/__init__.py:1
from sentry_sdk import metrics, profiler

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #02fa8fd564a439b4 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/__init__.py:3
from sentry_sdk.scope import Scope  # isort: skip

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #e9d6999729bb3686 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/__init__.py:4
from sentry_sdk.client import Client  # isort: skip

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #49ca56c3ae8b44dd Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/__init__.py:5
from sentry_sdk.consts import VERSION

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #ce380c2b1744129f Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/__init__.py:6
from sentry_sdk.transport import HttpTransport, Transport

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #a915a47b94679ac7 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/__init__.py:8
from sentry_sdk.api import *  # noqa # isort: skip

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #0e09054f59613cf8 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/__init__.py:64
from sentry_sdk.debug import init_debug_support

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #f3112c65ccb00bde Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/__init__.py:70
from sentry_sdk.hub import Hub

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #ddde1d0ae3c1202b Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/_batcher.py:8
from sentry_sdk.envelope import Envelope, Item, PayloadRef

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #1f6bb0330ee49a1e Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/_batcher.py:9
from sentry_sdk.utils import format_timestamp

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #5f89b498f67ff617 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/_compat.py:42
    from sentry_sdk.consts import FALSE_VALUES

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #062515afa21fb2b8 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/_init_implementation.py:4
import sentry_sdk

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #8ae3e2a07df929b4 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/_init_implementation.py:9
    import sentry_sdk.consts

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #7c8e27a7895e24ea Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/_init_implementation.py:56
    client = sentry_sdk.Client(*args, **kwargs)

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #e1bdf3c7861a36a2 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/_init_implementation.py:57
    sentry_sdk.get_global_scope().set_client(client)

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #a7cac377d2aaf474 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/_log_batcher.py:3
from sentry_sdk._batcher import Batcher

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #8db56667d74b9af7 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/_log_batcher.py:4
from sentry_sdk.envelope import Item, PayloadRef

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #fd2587b007a3fc87 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/_log_batcher.py:5
from sentry_sdk.utils import serialize_attribute

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #15bbe06253cc3448 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/_log_batcher.py:10
    from sentry_sdk._types import Log

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #babbb5ebd8e83858 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/_metrics_batcher.py:3
from sentry_sdk._batcher import Batcher

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #d311f67701214cdf Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/_metrics_batcher.py:4
from sentry_sdk.utils import serialize_attribute

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #dd22391debd6b131 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/_metrics_batcher.py:9
    from sentry_sdk._types import Metric

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #5e035c39eedf2398 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/_span_batcher.py:10
from sentry_sdk._batcher import Batcher

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #f58f6792a7b28fcc Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/_span_batcher.py:11
from sentry_sdk.envelope import Envelope, Item, PayloadRef

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #9594b0fd4692eaed Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/_span_batcher.py:12
from sentry_sdk.utils import format_timestamp, serialize_attribute

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #65a14424d8895b92 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/_span_batcher.py:17
    from sentry_sdk._types import SpanJSON

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #bb8d1382ffc9b38f Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/_types.py:148
    import sentry_sdk

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #d9a2128c865e0d8a Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/ai/_openai_completions_api.py:13
    from sentry_sdk._types import TextPart

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #4f1ccfb365c89e11 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/ai/monitoring.py:6
import sentry_sdk.utils

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #cf691c30dd23fecb Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/ai/monitoring.py:7
from sentry_sdk import start_span

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #0632fd5c0aad1d03 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/ai/monitoring.py:8
from sentry_sdk.ai.utils import _set_span_data_attribute

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #16f7733f2b89e1fc Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/ai/monitoring.py:9
from sentry_sdk.consts import SPANDATA

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #d81c75a3afacd52a Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/ai/monitoring.py:10
from sentry_sdk.traces import StreamedSpan

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #0926b05fdb446897 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/ai/monitoring.py:11
from sentry_sdk.tracing import Span

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #ada2b8edef87c30c Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/ai/monitoring.py:12
from sentry_sdk.utils import ContextVar, capture_internal_exceptions, reraise

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #1eadc618fa96e666 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/ai/monitoring.py:36
            with start_span(name=description, op=op, **span_kwargs) as span:

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #940d746be1781e3b Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/ai/monitoring.py:53
                                client_options=sentry_sdk.get_client().options,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #557c66b95632d799 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/ai/monitoring.py:56
                            sentry_sdk.capture_event(event, hint=hint)

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #f28d87d82dee4232 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/ai/monitoring.py:66
            with start_span(name=description, op=op, **span_kwargs) as span:

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #3ce30de456fabb12 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/ai/monitoring.py:83
                                client_options=sentry_sdk.get_client().options,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #4f855edf33e53c24 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/ai/monitoring.py:86
                            sentry_sdk.capture_event(event, hint=hint)

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #4f9a08892f2a7cd9 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/ai/utils.py:6
from sentry_sdk._types import BLOB_DATA_SUBSTITUTE

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #89fb108dcd994d6c Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/ai/utils.py:7
from sentry_sdk.ai.consts import DATA_URL_BASE64_REGEX

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #eac158798e7494b5 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/ai/utils.py:12
    from sentry_sdk.tracing import Span

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #b2899931edce171f Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/ai/utils.py:14
import sentry_sdk

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #fa43157bac26e397 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/ai/utils.py:15
from sentry_sdk.traces import StreamedSpan

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #77517192eae2e0b2 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/ai/utils.py:16
from sentry_sdk.utils import logger

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #b5787bedb473b797 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/ai/utils.py:540
    current_span = sentry_sdk.get_current_span()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #5aa6bb3c052b1892 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/ai/utils.py:781
    scope = sentry_sdk.get_current_scope()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #cb27f0af94be3b8c Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/api.py:6
from sentry_sdk import Client, tracing_utils

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #e22e838d803cf3ac Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/api.py:7
from sentry_sdk._init_implementation import init

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #3b6a9300d2384967 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/api.py:8
from sentry_sdk.consts import INSTRUMENTER

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #457e432307e23d0a Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/api.py:9
from sentry_sdk.crons import monitor

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #e45562ab55debd86 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/api.py:10
from sentry_sdk.scope import Scope, _ScopeManager, isolation_scope, new_scope

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #d4b70189457833e0 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/api.py:11
from sentry_sdk.traces import StreamedSpan

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #90e296d3b6d512c1 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/api.py:12
from sentry_sdk.traces import get_current_span as _get_current_streamed_span

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #06a01fb8800cfccd Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/api.py:13
from sentry_sdk.tracing import NoOpSpan, Transaction, trace

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #3561aecbf044fe2d Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/api.py:31
    from sentry_sdk._types import (
        Breadcrumb,
        BreadcrumbHint,
        Event,
        ExcInfo,
        Hint,
        LogLevelStr,
        MeasurementUnit,
        SamplingContext,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #956e72b80207865b Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/api.py:41
    from sentry_sdk.client import BaseClient

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #3bb64328e1a1d0be Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/api.py:42
    from sentry_sdk.traces import StreamedSpan

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #478fe818e0d59d6a Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/api.py:43
    from sentry_sdk.tracing import Span, TransactionKwargs

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #5d8c8adf8f95a46a Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/attachments.py:5
from sentry_sdk.envelope import Item, PayloadRef

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #fa039e8f3bae961c Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/client.py:14
from sentry_sdk._compat import check_uwsgi_thread_support

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #a927bc74511b1078 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/client.py:15
from sentry_sdk._metrics_batcher import MetricsBatcher

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #3b8b6f9a8160ca3a Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/client.py:16
from sentry_sdk._span_batcher import SpanBatcher

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #8367489982a47e8e Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/client.py:17
from sentry_sdk.consts import (
    DEFAULT_MAX_VALUE_LENGTH,
    DEFAULT_OPTIONS,
    INSTRUMENTER,
    SPANDATA,
    SPANSTATUS,
    VERSION,
    ClientConstructor,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #86ea1785ac4d4b96 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/client.py:26
from sentry_sdk.data_collection import (
    _map_from_send_default_pii,
    _resolve_data_collection,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #15d08f314040a8ff Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/client.py:30
from sentry_sdk.envelope import Envelope, Item, PayloadRef

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #2b9eaef2de1c59c4 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/client.py:31
from sentry_sdk.integrations import _DEFAULT_INTEGRATIONS, setup_integrations

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #2e283568c223ceb9 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/client.py:32
from sentry_sdk.integrations.dedupe import DedupeIntegration

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #6488e098180a6f13 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/client.py:33
from sentry_sdk.monitor import Monitor

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #4879a2e86e3dd92a Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/client.py:34
from sentry_sdk.profiler.continuous_profiler import setup_continuous_profiler

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #e0ea82bcc4459856 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/client.py:35
from sentry_sdk.profiler.transaction_profiler import (
    Profile,
    has_profiling_enabled,
    setup_profiler,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #262a34e319f0fa01 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/client.py:40
from sentry_sdk.scrubber import EventScrubber

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #8f50ce848dd99eb2 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/client.py:41
from sentry_sdk.serializer import serialize

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #35ad13c9aa96b02b Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/client.py:42
from sentry_sdk.sessions import SessionFlusher

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #a52ebe83084ca017 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/client.py:43
from sentry_sdk.traces import SpanStatus, StreamedSpan

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #6a5abd641116c75c Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/client.py:44
from sentry_sdk.tracing import trace

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #82ed677a991f809f Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/client.py:45
from sentry_sdk.tracing_utils import has_span_streaming_enabled

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #b50ed9db01da8a99 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/client.py:46
from sentry_sdk.transport import (
    AsyncHttpTransport,
    HttpTransportCore,
    make_transport,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #b3ad9f234f79fc2f Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/client.py:51
from sentry_sdk.utils import (
    AnnotatedValue,
    ContextVar,
    capture_internal_exceptions,
    current_stacktrace,
    datetime_from_isoformat,
    env_to_bool,
    format_timestamp,
    get_before_send_log,
    get_before_send_metric,
    get_before_send_span,
    get_default_release,
    get_sdk_name,
    get_type_name,
    handle_in_app,
    has_logs_enabled,
    has_metrics_enabled,
    logger,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #d18a828d246283a6 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/client.py:74
    from sentry_sdk._log_batcher import LogBatcher

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #f16fcc4841d3cc07 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/client.py:75
    from sentry_sdk._metrics_batcher import MetricsBatcher

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #a8a3cb8b1cbff6b0 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/client.py:76
    from sentry_sdk._types import (
        Event,
        EventDataCategory,
        Hint,
        Log,
        Metric,
        SDKInfo,
        SerializedAttributeValue,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #d72b7dcfc407ae95 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/client.py:85
    from sentry_sdk.integrations import Integration

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #d0494d94654cedb9 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/client.py:86
    from sentry_sdk.scope import Scope

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #4e0557c599ac946d Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/client.py:87
    from sentry_sdk.session import Session

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #7c64948058364947 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/client.py:88
    from sentry_sdk.spotlight import SpotlightClient

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #3174c3c6cff6c48d Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/client.py:89
    from sentry_sdk.traces import StreamedSpan

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #07091af29ead54d1 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/client.py:90
    from sentry_sdk.transport import Item, Transport

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #ab7ad1789753962f Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/client.py:91
    from sentry_sdk.utils import Dsn

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #3fb565d2464531a9 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/client.py:614
            from sentry_sdk.spotlight import setup_spotlight

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #2cd50968106c96cf Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/client.py:642
                from sentry_sdk._log_batcher import LogBatcher

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #16d5cb2b199fd046 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/consts.py:44
    import sentry_sdk

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #2bf3feb11cad9b70 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/consts.py:45
    from sentry_sdk._types import (
        BreadcrumbProcessor,
        ContinuousProfilerMode,
        DataCollectionUserOptions,
        Event,
        EventProcessor,
        Hint,
        IgnoreSpansConfig,
        Log,
        Metric,
        ProfilerMode,
        SpanJSON,
        TracesSampler,
        TransactionProcessor,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #4a6565cf3769fc98 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/crons/__init__.py:1
from sentry_sdk.crons.api import capture_checkin

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #c56ee5582f2f07cf Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/crons/__init__.py:2
from sentry_sdk.crons.consts import MonitorStatus

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #a55a2d769779a5e2 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/crons/__init__.py:3
from sentry_sdk.crons.decorator import monitor

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #86ad62b5fb05b328 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/crons/api.py:4
import sentry_sdk

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #e51729ce8e665fe0 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/crons/api.py:5
from sentry_sdk.utils import logger

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #c689cdec68be9357 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/crons/api.py:10
    from sentry_sdk._types import Event, MonitorConfig

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #cd91769c30ac3377 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/crons/api.py:20
    options = sentry_sdk.get_client().options

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #adc66f62792a9796 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/crons/api.py:54
    sentry_sdk.capture_event(check_in_event)

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #3e315cb8ab784183 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/crons/decorator.py:5
from sentry_sdk.crons import capture_checkin

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #d30e3f4d47c0cfea Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/crons/decorator.py:6
from sentry_sdk.crons.consts import MonitorStatus

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #e784790f15ba2805 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/crons/decorator.py:7
from sentry_sdk.utils import now

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #a685dc822a8fadfb Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/crons/decorator.py:23
    from sentry_sdk._types import MonitorConfig

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #9022b061fe8517a6 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/data_collection.py:31
    from sentry_sdk._types import (
        DataCollection,
        GenAICollectionBehaviour,
        GraphQLCollectionBehaviour,
        HttpHeadersCollectionBehaviour,
        KeyValueCollectionBehaviour,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #be369b8857808851 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/debug.py:6
from sentry_sdk import get_client

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #92dd2b028b570515 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/debug.py:7
from sentry_sdk.client import _client_init_debug

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #67e96a3726e4ffd8 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/debug.py:8
from sentry_sdk.utils import logger

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #d5821bf9fa11a868 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/debug.py:16
        return get_client().options["debug"]

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #ab9aeb5f4e5b4e28 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/envelope.py:6
from sentry_sdk.session import Session

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #530160d7b29b1d79 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/envelope.py:7
from sentry_sdk.utils import capture_internal_exceptions, json_dumps

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #016b78b38f8901fb Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/envelope.py:12
    from sentry_sdk._types import Event, EventDataCategory

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #953023cecd6c89fa Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/feature_flags.py:5
import sentry_sdk

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #23f1753a3f3999be Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/feature_flags.py:6
from sentry_sdk._lru_cache import LRUCache

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #e80635fff6f7d48a Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/feature_flags.py:7
from sentry_sdk.tracing import Span

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #af7857040927841a Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/feature_flags.py:8
from sentry_sdk.tracing_utils import has_span_streaming_enabled

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #87b3074f05d04670 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/feature_flags.py:62
    client = sentry_sdk.get_client()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #46aeb3cbc63fda1e Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/feature_flags.py:64
    flags = sentry_sdk.get_isolation_scope().flags

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #677acfc8b6cf82cf Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/feature_flags.py:73
        span = sentry_sdk.get_current_span()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #481ab9d1b2ffa480 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/hub.py:5
from sentry_sdk import (
    get_client,
    get_current_scope,
    get_global_scope,
    get_isolation_scope,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #e002f7db0b87ee34 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/hub.py:11
from sentry_sdk._compat import with_metaclass

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #98e1001ce4acf611 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/hub.py:12
from sentry_sdk.client import Client

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #7887fe477ec1f8f6 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/hub.py:13
from sentry_sdk.consts import INSTRUMENTER

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #79a9d390d7e75526 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/hub.py:14
from sentry_sdk.scope import _ScopeManager

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #9eea40c11793f12c Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/hub.py:15
from sentry_sdk.tracing import (
    NoOpSpan,
    Span,
    Transaction,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #f6c476e12d3ada1e Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/hub.py:20
from sentry_sdk.utils import (
    ContextVar,
    logger,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #02f018e8360457e9 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/hub.py:43
    from sentry_sdk._types import (
        Breadcrumb,
        BreadcrumbHint,
        Event,
        ExcInfo,
        Hint,
        LogLevelStr,
        SamplingContext,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #9a9abbc73326dc0e Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/hub.py:52
    from sentry_sdk.client import BaseClient

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #50c5e6c9ebb02080 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/hub.py:53
    from sentry_sdk.integrations import Integration

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #795dda532cf121f8 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/hub.py:54
    from sentry_sdk.scope import Scope

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #65fe0facfd2b8caf Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/hub.py:55
    from sentry_sdk.tracing import TransactionKwargs

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #ae80942918eee497 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/hub.py:143
            client = get_client()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #8016ec6f5c2a22a3 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/hub.py:146
                scope = get_isolation_scope().fork()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #790001bd985b1108 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/hub.py:147
                current_scope = get_current_scope().fork()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #782ef27bbe695008 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/hub.py:150
            get_global_scope().set_client(client)

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #b8a42527cd9b6bb7 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/hub.py:154
            scope = get_isolation_scope()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #b938a6e1471c42ca Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/hub.py:155
            current_scope = get_current_scope()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #213da77a9f3530e5 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/hub.py:159
            current_scope = get_current_scope()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #7905352104b5e9b2 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/hub.py:174
        current_scope = get_current_scope()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #141638cf9c47619d Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/hub.py:178
        isolation_scope = get_isolation_scope()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #85840055bd264e86 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/hub.py:229
        return get_client().get_integration(name_or_class)

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #e47af5f3cc60bcfc Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/hub.py:240
        client = get_client()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #49ecd063fbdc1b40 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/hub.py:254
        return get_isolation_scope()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #625bf1997ae92ac6 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/hub.py:279
        get_global_scope().set_client(new)

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #3ea78854f70463cf Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/hub.py:308
        last_event_id = get_current_scope().capture_event(

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #5c7b170c73378816 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/hub.py:347
        last_event_id = get_current_scope().capture_message(

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #6d654b554b35ac59 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/hub.py:382
        last_event_id = get_current_scope().capture_exception(

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #c2628f24759c97cd Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/hub.py:409
        get_isolation_scope().add_breadcrumb(crumb, hint, **kwargs)

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #98ce6ac4accb8b09 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/hub.py:433
        scope = get_current_scope()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #a8bbd2e94cdd5bda Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/hub.py:471
        scope = get_current_scope()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #7c67c3a4124a5f18 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/hub.py:496
        return get_isolation_scope().continue_trace(

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #68febf614f98256e Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/hub.py:580
        scope = get_isolation_scope()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #2087e8434eb58af6 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/hub.py:608
        get_isolation_scope().start_session(

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #d0a7fab6335f6359 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/hub.py:620
        get_isolation_scope().end_session()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #0c8cc6af4e933529 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/hub.py:633
        get_isolation_scope().stop_auto_session_tracking()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #1a1c4abaaf17ddfc Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/hub.py:645
        get_isolation_scope().resume_auto_session_tracking()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #5c84958c8094e55f Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/hub.py:659
        return get_client().flush(timeout=timeout, callback=callback)

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #81a4f041edfdbb49 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/hub.py:669
        current_scope = get_current_scope()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #a2b6fc27bd3f975c Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/hub.py:673
            isolation_scope = get_isolation_scope()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #26c88b0c9ad4c5c9 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/hub.py:686
        current_scope = get_current_scope()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #53a4090a9a6f4327 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/hub.py:690
            isolation_scope = get_isolation_scope()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #02ba1fedfeb457b3 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/hub.py:710
        return get_current_scope().iter_trace_propagation_headers(

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #8d96e1e7bc4b8443 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/hub.py:728
        return get_current_scope().trace_propagation_meta(

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #f7cf7133a2cd1575 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/hub.py:741
from sentry_sdk import scope

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #3fe241d30b4a6606 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/__init__.py:5
from sentry_sdk.utils import logger

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #4a65abd940a075dd Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/_asgi_common.py:5
from sentry_sdk.integrations._wsgi_common import _filter_headers

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #9fd533c67cfe3a64 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/_asgi_common.py:6
from sentry_sdk.scope import should_send_default_pii

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #6cc01a421c2a283c Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/_asgi_common.py:13
    from sentry_sdk.utils import AnnotatedValue

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #bdec6e31def0d6fd Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/_wsgi_common.py:5
import sentry_sdk

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #392e84f442d78dda Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/_wsgi_common.py:6
from sentry_sdk._types import SENSITIVE_DATA_SUBSTITUTE

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #ebf0401df48c66cc Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/_wsgi_common.py:7
from sentry_sdk.scope import should_send_default_pii

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #3a84c0c86db4bbe4 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/_wsgi_common.py:8
from sentry_sdk.utils import AnnotatedValue, logger

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #cd3f9cec2c8ff266 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/_wsgi_common.py:23
    from sentry_sdk._types import Event, HttpStatusCodeRange

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #0278fa414df1ad8d Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/_wsgi_common.py:89
        client = sentry_sdk.get_client()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #51ab28e17deb1c62 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/aiohttp.py:5
import sentry_sdk

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #6a9fce918a407f93 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/aiohttp.py:6
from sentry_sdk.api import continue_trace

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #5b71bb42f471d0ba Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/aiohttp.py:7
from sentry_sdk.consts import OP, SPANDATA, SPANSTATUS

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #5e8110a7a2d852cc Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/aiohttp.py:8
from sentry_sdk.integrations import (
    _DEFAULT_FAILED_REQUEST_STATUS_CODES,
    DidNotEnable,
    Integration,
    _check_minimum_version,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #2554d5d499b77ec2 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/aiohttp.py:14
from sentry_sdk.integrations._wsgi_common import (
    _filter_headers,
    request_body_within_bounds,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #efddfa6b7b61817a Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/aiohttp.py:18
from sentry_sdk.integrations.logging import ignore_logger

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #61790de00352f531 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/aiohttp.py:19
from sentry_sdk.scope import Scope, should_send_default_pii

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #4cdfc4b0893152e5 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/aiohttp.py:20
from sentry_sdk.sessions import track_session

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #bfd06d6dc1825047 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/aiohttp.py:21
from sentry_sdk.traces import (
    SOURCE_FOR_STYLE as SEGMENT_SOURCE_FOR_STYLE,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #a9ced78ece81e7e6 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/aiohttp.py:24
from sentry_sdk.traces import (
    NoOpStreamedSpan,
    SegmentSource,
    SpanStatus,
    StreamedSpan,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #f15ba749933e672b Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/aiohttp.py:30
from sentry_sdk.tracing import (
    BAGGAGE_HEADER_NAME,
    SOURCE_FOR_STYLE,
    TransactionSource,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #7ac57ee441670529 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/aiohttp.py:35
from sentry_sdk.tracing_utils import (
    add_http_request_source,
    has_span_streaming_enabled,
    should_propagate_trace,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #2fc81d24033510ce Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/aiohttp.py:40
from sentry_sdk.utils import (
    CONTEXTVARS_ERROR_MESSAGE,
    HAS_REAL_CONTEXTVARS,
    SENSITIVE_DATA_SUBSTITUTE,
    AnnotatedValue,
    _register_control_flow_exception,
    capture_internal_exceptions,
    ensure_integration_enabled,
    event_from_exception,
    logger,
    parse_url,
    parse_version,
    reraise,
    transaction_from_function,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #80a08e3db52fbae0 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/aiohttp.py:76
    from sentry_sdk._types import Attributes, Event, EventProcessor

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #d6fbd692501ae2d6 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/aiohttp.py:77
    from sentry_sdk.tracing import Span

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #e4c176d8c2a73166 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/aiohttp.py:78
    from sentry_sdk.utils import ExcInfo

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #661c815fea2e17d1 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/aiohttp.py:128
            client = sentry_sdk.get_client()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #6636f47718fd8dfe Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/aiohttp.py:136
            with sentry_sdk.isolation_scope() as scope:

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #d71c3cc3403cc3be Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/aiohttp.py:206
                        span_ctx = sentry_sdk.start_transaction(
                            transaction,
                            custom_sampling_context={"aiohttp_request": request},
                        )

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #6a82523bdc7e6f7b Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/aiohttp.py:282
            integration = sentry_sdk.get_client().get_integration(AioHttpIntegration)

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #63cae8fd1d2a96a8 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/aiohttp.py:299
                current_span = sentry_sdk.get_current_span()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #9fe0333f2c9945ce Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/aiohttp.py:309
                    current_scope = sentry_sdk.get_current_scope()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #4f4c1391e8769a91 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/aiohttp.py:339
        client = sentry_sdk.get_client()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #51c259cb3b32440c Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/aiohttp.py:372
            legacy_span = sentry_sdk.start_span(
                op=OP.HTTP_CLIENT,
                name=span_name,
                origin=AioHttpIntegration.origin,
            )

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #a263ba73259e1144 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/aiohttp.py:388
            ) in sentry_sdk.get_current_scope().iter_trace_propagation_headers(

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #01c2945de2b7e408 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/aiohttp.py:480
        client_options=sentry_sdk.get_client().options,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #e186c9b9b71ac629 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/aiohttp.py:483
    sentry_sdk.capture_event(event, hint=hint)

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #e77dae4d4da543c4 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/aiohttp.py:497
        if not request_body_within_bounds(sentry_sdk.get_client(), len(bytes_body)):

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #40beac21ae1b3236 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/aiomysql.py:6
import sentry_sdk

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #0d39faa036c51569 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/aiomysql.py:7
from sentry_sdk.consts import OP, SPANDATA

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #9543403e9369635a Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/aiomysql.py:8
from sentry_sdk.integrations import DidNotEnable, Integration, _check_minimum_version

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #d5701d71f2d29270 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/aiomysql.py:9
from sentry_sdk.traces import StreamedSpan

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #a17835c4c82bcee5 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/aiomysql.py:10
from sentry_sdk.tracing_utils import (
    add_query_source,
    has_span_streaming_enabled,
    record_sql_queries,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #e3276aca449e11c5 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/aiomysql.py:15
from sentry_sdk.utils import (
    capture_internal_exceptions,
    parse_version,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #73f67dfa2c1ed6d6 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/aiomysql.py:65
        if sentry_sdk.get_client().get_integration(AioMySQLIntegration) is None:

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #ba57b0358604eeeb Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/aiomysql.py:84
        integration = sentry_sdk.get_client().get_integration(AioMySQLIntegration)

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #5c29fa57b63b913d Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/aiomysql.py:116
        if sentry_sdk.get_client().get_integration(AioMySQLIntegration) is None:

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #0aae64bef9bce7dd Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/aiomysql.py:126
        integration = sentry_sdk.get_client().get_integration(AioMySQLIntegration)

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #9a336f6b5b29b7c2 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/aiomysql.py:170
        client = sentry_sdk.get_client()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #1ec5cdeaef961d2e Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/aiomysql.py:186
                    sentry_sdk.add_breadcrumb(
                        message="connect", category="query", data=breadcrumb_data
                    )

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #d9ffc15cd88e9a47 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/aiomysql.py:193
            with sentry_sdk.start_span(
                op=OP.DB,
                name="connect",
                origin=AioMySQLIntegration.origin,
            ) as span:

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #bc3151aa0de386af Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/aiomysql.py:201
                    sentry_sdk.add_breadcrumb(
                        message="connect",
                        category="query",
                        data=connect_data,
                    )

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #36555dcd9c970fc3 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/anthropic.py:7
import sentry_sdk

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #8675b51984088473 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/anthropic.py:8
from sentry_sdk.ai.monitoring import record_token_usage

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #b20e0c7bcd0f4b50 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/anthropic.py:9
from sentry_sdk.ai.utils import (
    GEN_AI_ALLOWED_MESSAGE_ROLES,
    get_start_span_function,
    normalize_message_roles,
    set_data_normalized,
    transform_anthropic_content_part,
    truncate_and_annotate_messages,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #fedf2c20093a7ece Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/anthropic.py:17
from sentry_sdk.consts import OP, SPANDATA

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #b42fe8111b7f174c Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/anthropic.py:18
from sentry_sdk.integrations import DidNotEnable, Integration, _check_minimum_version

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #77f646d34daa1876 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/anthropic.py:19
from sentry_sdk.scope import should_send_default_pii

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #e2fb29dbc5687557 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/anthropic.py:20
from sentry_sdk.traces import StreamedSpan

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #c98cf0cb1badfa58 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/anthropic.py:21
from sentry_sdk.tracing import Span

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #393ff0a1cafdabf4 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/anthropic.py:22
from sentry_sdk.tracing_utils import (
    has_span_streaming_enabled,
    should_truncate_gen_ai_input,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #52063c423812f53d Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/anthropic.py:26
from sentry_sdk.utils import (
    capture_internal_exceptions,
    event_from_exception,
    package_version,
    reraise,
    safe_serialize,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #c22b52f0d92681b6 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/anthropic.py:86
    from sentry_sdk._types import TextPart

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #8dc144ee4bdeda34 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/anthropic.py:204
        client_options=sentry_sdk.get_client().options,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #436301c05a793386 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/anthropic.py:207
    sentry_sdk.capture_event(event, hint=hint)

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #53ec0e94ad9407e5 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/anthropic.py:450
        client = sentry_sdk.get_client()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #22f72b07434b3db2 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/anthropic.py:451
        scope = sentry_sdk.get_current_scope()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #e0319b564aed1d3d Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/anthropic.py:641
    span_streaming = has_span_streaming_enabled(sentry_sdk.get_client().options)

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #69b7807b680f2bc8 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/anthropic.py:739
    span_streaming = has_span_streaming_enabled(sentry_sdk.get_client().options)

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #264dbe283ce6ee75 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/anthropic.py:820
        integration = sentry_sdk.get_client().get_integration(AnthropicIntegration)

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #9afe7dc6f8145920 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/anthropic.py:914
        integration = sentry_sdk.get_client().get_integration(AnthropicIntegration)

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #8b555b5f12519107 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/anthropic.py:970
        client = sentry_sdk.get_client()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #83a06ea5bbe10d3f Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/anthropic.py:1077
        client = sentry_sdk.get_client()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #fecfa0b78779fb4d Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/argv.py:4
import sentry_sdk

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #188ffb1c9dac39fa Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/argv.py:5
from sentry_sdk.integrations import Integration

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #945766e909199db8 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/argv.py:6
from sentry_sdk.scope import add_global_event_processor

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #74afc82129260b1b Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/argv.py:11
    from sentry_sdk._types import Event, Hint

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #4ed58e5855627b12 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/argv.py:21
            if sentry_sdk.get_client().get_integration(ArgvIntegration) is not None:

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #f7a4613423c789ab Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/ariadne.py:3
import sentry_sdk

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #9c5acd16c918c6a5 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/ariadne.py:4
from sentry_sdk import capture_event, get_client

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #8e24ce5ecee83c4b Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/ariadne.py:5
from sentry_sdk.integrations import DidNotEnable, Integration, _check_minimum_version

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #d00709bf5373b923 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/ariadne.py:6
from sentry_sdk.integrations._wsgi_common import request_body_within_bounds

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #7dd15523389033ea Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/ariadne.py:7
from sentry_sdk.integrations.logging import ignore_logger

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #f2492794de6c8af4 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/ariadne.py:8
from sentry_sdk.scope import should_send_default_pii

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #c9e5af604c7dd1ac Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/ariadne.py:9
from sentry_sdk.utils import (
    capture_internal_exceptions,
    ensure_integration_enabled,
    event_from_exception,
    package_version,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #0ecd10b85ffbd804 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/ariadne.py:36
    from sentry_sdk._types import Event, EventProcessor

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #3de8ef4a3c20c071 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/ariadne.py:64
        sentry_sdk.get_isolation_scope().add_event_processor(event_processor)

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #c06ef3263f176811 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/ariadne.py:76
        sentry_sdk.get_isolation_scope().add_event_processor(event_processor)

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #c14e88c445c008c0 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/ariadne.py:78
        client = get_client()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #4b3ef32d8ce6a8c1 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/ariadne.py:90
                    capture_event(event, hint=hint)

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #1ba10a658113b320 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/ariadne.py:101
        sentry_sdk.get_isolation_scope().add_event_processor(event_processor)

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #23d737841eded14e Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/ariadne.py:103
        client = get_client()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #3e1bacbba4e72e43 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/ariadne.py:115
                    capture_event(event, hint=hint)

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #cde68717c63fb969 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/ariadne.py:140
                get_client(), content_length

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #09c7cdf8760dc4ce Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/arq.py:3
import sentry_sdk

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #7b869307e0bd9a67 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/arq.py:4
from sentry_sdk.consts import OP, SPANDATA, SPANSTATUS

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #93bb1038084a13b5 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/arq.py:5
from sentry_sdk.integrations import DidNotEnable, Integration, _check_minimum_version

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #306200961f549d58 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/arq.py:6
from sentry_sdk.integrations.logging import ignore_logger

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #f821a59c3d33635b Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/arq.py:7
from sentry_sdk.scope import should_send_default_pii

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #fcea74ad4d47700a Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/arq.py:8
from sentry_sdk.traces import SegmentSource

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #d9be6f72e4973535 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/arq.py:9
from sentry_sdk.tracing import Transaction, TransactionSource

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #8d35d1ce499baf34 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/arq.py:10
from sentry_sdk.tracing_utils import has_span_streaming_enabled

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #7e347685f383619c Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/arq.py:11
from sentry_sdk.utils import (
    SENSITIVE_DATA_SUBSTITUTE,
    _register_control_flow_exception,
    capture_internal_exceptions,
    ensure_integration_enabled,
    event_from_exception,
    parse_version,
    reraise,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #26a479c86eb377c9 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/arq.py:39
    from sentry_sdk._types import Event, EventProcessor, ExcInfo, Hint

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #5d21942b09a04878 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/arq.py:77
        client = sentry_sdk.get_client()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #507e29333a412aa3 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/arq.py:91
        with sentry_sdk.start_span(
            op=OP.QUEUE_SUBMIT_ARQ, name=function, origin=ArqIntegration.origin
        ):

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #0e60aa4d0403ea82 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/arq.py:104
        client = sentry_sdk.get_client()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #beb8eba5f2710412 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/arq.py:108
        with sentry_sdk.isolation_scope() as scope:

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #5915f4647243574d Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/arq.py:137
            with sentry_sdk.start_transaction(transaction) as span:

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #8de1fefc5fb8c946 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/arq.py:146
    scope = sentry_sdk.get_current_scope()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #f83ec4c7ee816c6b Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/arq.py:160
        client_options=sentry_sdk.get_client().options,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #c3e24163be16ef68 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/arq.py:163
    sentry_sdk.capture_event(event, hint=hint)

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #b3293c7ce724ab92 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/arq.py:171
            scope = sentry_sdk.get_current_scope()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #52d4b669fb935a94 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/arq.py:200
        client = sentry_sdk.get_client()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #a44b8da6a481d189 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/arq.py:206
            scope = sentry_sdk.get_current_scope()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #fad8053679579815 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/arq.py:213
        sentry_sdk.get_isolation_scope().add_event_processor(

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #c0097d86d46afb85 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/asgi.py:13
import sentry_sdk

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #615999bbe448fe9d Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/asgi.py:14
from sentry_sdk.api import continue_trace

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #39f6873cfdf1df20 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/asgi.py:15
from sentry_sdk.consts import OP, SPANDATA

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #a1c54fe1e4322d25 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/asgi.py:16
from sentry_sdk.integrations._asgi_common import (
    _get_headers,
    _get_ip,
    _get_path,
    _get_request_attributes,
    _get_request_data,
    _get_url,
    _RootPathInPath,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #75de06a173af5656 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/asgi.py:25
from sentry_sdk.integrations._wsgi_common import (
    DEFAULT_HTTP_METHODS_TO_CAPTURE,
    nullcontext,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #a2de7ecb52c63a1b Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/asgi.py:29
from sentry_sdk.scope import Scope, should_send_default_pii

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #e34419e517387669 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/asgi.py:30
from sentry_sdk.sessions import track_session

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #eb1005e177d769cd Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/asgi.py:31
from sentry_sdk.traces import (
    SOURCE_FOR_STYLE as SEGMENT_SOURCE_FOR_STYLE,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #c0c70b09b05eeb75 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/asgi.py:34
from sentry_sdk.traces import (
    SegmentSource,
    StreamedSpan,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #a7b2cc54ffc80fa7 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/asgi.py:38
from sentry_sdk.tracing import (
    SOURCE_FOR_STYLE,
    Transaction,
    TransactionSource,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #582c3604250bf875 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/asgi.py:43
from sentry_sdk.tracing_utils import has_span_streaming_enabled

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #e1629c4c1e20180a Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/asgi.py:44
from sentry_sdk.utils import (
    CONTEXTVARS_ERROR_MESSAGE,
    HAS_REAL_CONTEXTVARS,
    ContextVar,
    _get_installed_modules,
    capture_internal_exceptions,
    event_from_exception,
    logger,
    qualname_from_function,
    reraise,
    transaction_from_function,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #8db6e901160a455e Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/asgi.py:60
    from sentry_sdk._types import Attributes, Event, Hint

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #9c9cd8e586448a0b Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/asgi.py:61
    from sentry_sdk.tracing import Span

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #eddca9c63490976e Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/asgi.py:81
        client_options=sentry_sdk.get_client().options,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #8c7b076830225f47 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/asgi.py:84
    sentry_sdk.capture_event(event, hint=hint)

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #862feb6f8cda564d Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/asgi.py:209
                    sentry_sdk.get_client()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #7a8f950aac5a081a Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/asgi.py:222
        client = sentry_sdk.get_client()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #11fba4f335afd0c3 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/asgi.py:227
            with sentry_sdk.isolation_scope() as sentry_scope:

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #e4b18e13c4ac3fd1 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/asgi.py:316
                            sentry_sdk.start_transaction(
                                transaction,
                                custom_sampling_context={"asgi_scope": scope},
                            )

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #1418c28b713786a9 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/asgi.py:369
                                sentry_sdk.get_client()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #ae452f1f4666ec32 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/asyncio.py:4
import sentry_sdk

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #3e1597b2e4c6a9ec Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/asyncio.py:5
from sentry_sdk.consts import OP

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #fad436b481a08450 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/asyncio.py:6
from sentry_sdk.integrations import DidNotEnable, Integration

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #d97b1e52d6858795 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/asyncio.py:7
from sentry_sdk.integrations._wsgi_common import nullcontext

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #d26e7730151341da Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/asyncio.py:8
from sentry_sdk.traces import StreamedSpan

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #0d8d79796881a1fc Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/asyncio.py:9
from sentry_sdk.tracing import Span

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #8f9710207f83cf78 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/asyncio.py:10
from sentry_sdk.tracing_utils import has_span_streaming_enabled

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #ba44ae536516e103 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/asyncio.py:11
from sentry_sdk.transport import AsyncHttpTransport

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #cefdf59849a6c6ec Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/asyncio.py:12
from sentry_sdk.utils import (
    event_from_exception,
    is_internal_task,
    logger,
    reraise,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #cb3c39d8daca9dda Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/asyncio.py:31
    from sentry_sdk._types import ExcInfo

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #30fb825b850d66e7 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/asyncio.py:69
        client = sentry_sdk.get_client()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #1eafa609b48a11fd Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/asyncio.py:148
                client = sentry_sdk.get_client()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #0307d0316c6b6b80 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/asyncio.py:155
                with sentry_sdk.isolation_scope():

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #acd4aacfc48f6d5b Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/asyncio.py:166
                            span_ctx = sentry_sdk.start_span(
                                op=OP.FUNCTION,
                                name=get_name(coro),
                                origin=AsyncioIntegration.origin,
                            )

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #a6ec779f8098500b Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/asyncio.py:211
    client = sentry_sdk.get_client()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #02ab9bdab35d5991 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/asyncio.py:220
        sentry_sdk.capture_event(event, hint=hint)

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #06a895125b9f4144 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/asyncio.py:264
    client = sentry_sdk.get_client()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #98c9038528498aea Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/asyncpg.py:7
import sentry_sdk

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #968132f6aea302d6 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/asyncpg.py:8
from sentry_sdk.consts import OP, SPANDATA

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #43fc1ba40b40432a Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/asyncpg.py:9
from sentry_sdk.integrations import DidNotEnable, Integration, _check_minimum_version

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #cb15088718f6a07e Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/asyncpg.py:10
from sentry_sdk.traces import StreamedSpan

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #6730e1cb649c14b6 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/asyncpg.py:11
from sentry_sdk.tracing import Span

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #12323b5b36368d45 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/asyncpg.py:12
from sentry_sdk.tracing_utils import (
    add_query_source,
    has_span_streaming_enabled,
    record_sql_queries,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #3e3f1215893258c4 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/asyncpg.py:17
from sentry_sdk.utils import (
    capture_internal_exceptions,
    parse_version,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #4dfe6821e0c63d17 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/asyncpg.py:77
        client = sentry_sdk.get_client()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #ba59ce037e0d1cb8 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/asyncpg.py:122
    client = sentry_sdk.get_client()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #dfd8319b50eaaa91 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/asyncpg.py:146
        if sentry_sdk.get_client().get_integration(AsyncPGIntegration) is None:

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #ca29c6b684f249f8 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/asyncpg.py:172
        if sentry_sdk.get_client().get_integration(AsyncPGIntegration) is None:

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #0a6e5334bf6b8dd9 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/asyncpg.py:214
        client = sentry_sdk.get_client()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #8aa8694b24c07e71 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/asyncpg.py:242
                    sentry_sdk.add_breadcrumb(
                        message="connect", category="query", data=span_attributes
                    )

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #f1ebbca55682fc02 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/asyncpg.py:248
            with sentry_sdk.start_span(
                op=OP.DB,
                name="connect",
                origin=AsyncPGIntegration.origin,
            ) as span:

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #3d0060169df868ea Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/asyncpg.py:265
                    sentry_sdk.add_breadcrumb(
                        message="connect", category="query", data=span._data
                    )

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #0f118965f1155415 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/atexit.py:6
import sentry_sdk

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #9d2f5e307747fbbb Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/atexit.py:7
from sentry_sdk.integrations import Integration

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #5ffde81b96e7f2df Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/atexit.py:8
from sentry_sdk.utils import logger

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #4ef384f53e24cbf5 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/atexit.py:41
            client = sentry_sdk.get_client()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #c185d6cf8b30fb0e Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/atexit.py:49
            sentry_sdk.get_isolation_scope().end_session()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #9031cf18f9874c66 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/aws_lambda.py:11
import sentry_sdk

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #3ef76f2349c5bea9 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/aws_lambda.py:12
from sentry_sdk.api import continue_trace

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #452149115d8acbbc Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/aws_lambda.py:13
from sentry_sdk.consts import OP

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #85c991d51cd622fa Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/aws_lambda.py:14
from sentry_sdk.integrations import Integration

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #54526be2f03daab4 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/aws_lambda.py:15
from sentry_sdk.integrations._wsgi_common import _filter_headers

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #024be6b10b1aaaa4 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/aws_lambda.py:16
from sentry_sdk.integrations.cloud_resource_context import (
    CLOUD_PLATFORM,
    CLOUD_PROVIDER,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #a3bdb2664c8ae85b Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/aws_lambda.py:20
from sentry_sdk.scope import Scope, should_send_default_pii

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #6db1fd80a714a150 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/aws_lambda.py:21
from sentry_sdk.traces import SegmentSource

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #2533a87becc92cfe Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/aws_lambda.py:22
from sentry_sdk.tracing import TransactionSource

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #f5635ef74cc4b7b7 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/aws_lambda.py:23
from sentry_sdk.tracing_utils import has_span_streaming_enabled

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #34bd9d4a0e71c353 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/aws_lambda.py:24
from sentry_sdk.utils import (
    AnnotatedValue,
    TimeoutThread,
    capture_internal_exceptions,
    ensure_integration_enabled,
    event_from_exception,
    logger,
    reraise,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #ba6f6736b48c9d67 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/aws_lambda.py:37
    from sentry_sdk._types import Event, EventProcessor, Hint

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #45c2c0ca2e1c8d71 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/aws_lambda.py:49
        client = sentry_sdk.get_client()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #43fe19c3cce2df42 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/aws_lambda.py:52
            sentry_sdk.get_isolation_scope().clear_breadcrumbs()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #1bf06e1ca32a210a Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/aws_lambda.py:61
                sentry_sdk.capture_event(sentry_event, hint=hint)

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #133d2f7e2b4df370 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/aws_lambda.py:69
                sentry_sdk.capture_event(sentry_event)

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #76a66f7bd4862b6f Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/aws_lambda.py:91
        client = sentry_sdk.get_client()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #b5d07c680932010e Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/aws_lambda.py:113
        with sentry_sdk.isolation_scope() as scope:

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #542d78cd2158a0ee Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/aws_lambda.py:141
                        current_scope=sentry_sdk.get_current_scope(),

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #c6b52a2d83098e35 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/aws_lambda.py:213
                span_ctx = sentry_sdk.start_transaction(
                    transaction, custom_sampling_context=sampling_context
                )

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #11d44ddf10ee7cbc Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/aws_lambda.py:227
                    sentry_sdk.capture_event(sentry_event, hint=hint)

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #6c350c7e489db549 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/aws_lambda.py:238
        client = sentry_sdk.get_client()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #c7b4cb1f47931980 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/beam.py:6
import sentry_sdk

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #b6c38b02f5f47d5e Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/beam.py:7
from sentry_sdk.integrations import Integration

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #d03bd20b224e9f62 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/beam.py:8
from sentry_sdk.integrations.logging import ignore_logger

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #b58c9a11a3420306 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/beam.py:9
from sentry_sdk.utils import (
    capture_internal_exceptions,
    ensure_integration_enabled,
    event_from_exception,
    reraise,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #7abf1ebeb3c1c1cb Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/beam.py:19
    from sentry_sdk._types import ExcInfo

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #2e6538d61578dcc4 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/beam.py:134
    client = sentry_sdk.get_client()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #a20e01fe27146cbc Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/beam.py:141
    sentry_sdk.capture_event(event, hint=hint)

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #47f77de9bb78f556 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/boto3.py:4
import sentry_sdk

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #8289148e0b1f48b7 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/boto3.py:5
from sentry_sdk.consts import OP, SPANDATA

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #6465b96fdd98729d Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/boto3.py:6
from sentry_sdk.integrations import DidNotEnable, Integration, _check_minimum_version

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #e3cd292559d1399d Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/boto3.py:7
from sentry_sdk.scope import should_send_default_pii

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #ca3eacbc9a09d3f0 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/boto3.py:8
from sentry_sdk.traces import StreamedSpan

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #4472c3e4d3579105 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/boto3.py:9
from sentry_sdk.tracing import Span

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #f34f4957a70cf4a0 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/boto3.py:10
from sentry_sdk.tracing_utils import has_span_streaming_enabled

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #da04f13135f4da98 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/boto3.py:11
from sentry_sdk.utils import (
    capture_internal_exceptions,
    parse_url,
    parse_version,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #558d9a9b39204bc8 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/boto3.py:63
    client = sentry_sdk.get_client()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #0b02567cf3b6625d Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/boto3.py:88
        span = sentry_sdk.start_span(
            op=OP.HTTP_CLIENT,
            name=description,
            origin=Boto3Integration.origin,
        )

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #795e6967c1b23d2d Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/bottle.py:4
import sentry_sdk

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #9d2ac837ce877a0e Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/bottle.py:5
from sentry_sdk.integrations import (
    _DEFAULT_FAILED_REQUEST_STATUS_CODES,
    DidNotEnable,
    Integration,
    _check_minimum_version,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #8eeda3f2889babe8 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/bottle.py:11
from sentry_sdk.integrations._wsgi_common import RequestExtractor

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #8ac0b9873dc4a619 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/bottle.py:12
from sentry_sdk.integrations.wsgi import SentryWsgiMiddleware

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #edb737ebd70997b9 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/bottle.py:13
from sentry_sdk.traces import SOURCE_FOR_STYLE as SEGMENT_SOURCE_FOR_STYLE

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #38e2d3bcef3b187a Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/bottle.py:14
from sentry_sdk.tracing import SOURCE_FOR_STYLE as TRANSACTION_SOURCE_FOR_STYLE

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #e99ad42f6adaf542 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/bottle.py:15
from sentry_sdk.tracing_utils import has_span_streaming_enabled

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #01751fc8434b35c8 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/bottle.py:16
from sentry_sdk.utils import (
    capture_internal_exceptions,
    ensure_integration_enabled,
    event_from_exception,
    parse_version,
    transaction_from_function,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #de830e351bb9e685 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/bottle.py:30
    from sentry_sdk._types import Event, EventProcessor

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #256465fffe8bae03 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/bottle.py:31
    from sentry_sdk.integrations.wsgi import _ScopedResponse

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #5520ccc5e24d8e29 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/bottle.py:96
            integration = sentry_sdk.get_client().get_integration(BottleIntegration)

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #23f7a5831f10241c Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/bottle.py:100
            scope = sentry_sdk.get_isolation_scope()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #9f15f7ee875a7ffe Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/bottle.py:107
            if has_span_streaming_enabled(sentry_sdk.get_client().options):

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #ee29c5eb4e2f6185 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/bottle.py:124
            integration = sentry_sdk.get_client().get_integration(BottleIntegration)

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #f8b8d5ec41ad18c0 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/bottle.py:184
        sentry_sdk.get_current_scope().set_transaction_name(

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #250454f081e84dd8 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/bottle.py:236
        client_options=sentry_sdk.get_client().options,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #a0871e7cfd8fdbc8 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/bottle.py:239
    sentry_sdk.capture_event(event, hint=hint)

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #a5f69a19a51d063b Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/celery/__init__.py:6
import sentry_sdk

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #cf15677123379884 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/celery/__init__.py:7
from sentry_sdk import isolation_scope

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #31d7d9c63e822565 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/celery/__init__.py:8
from sentry_sdk.api import continue_trace

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #379f65f2eb31d218 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/celery/__init__.py:9
from sentry_sdk.consts import OP, SPANDATA, SPANSTATUS

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #0bdbb590145bea73 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/celery/__init__.py:10
from sentry_sdk.integrations import DidNotEnable, Integration, _check_minimum_version

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #0506e446be1b714f Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/celery/__init__.py:11
from sentry_sdk.integrations.celery.beat import (
    _patch_beat_apply_entry,
    _patch_redbeat_apply_async,
    _setup_celery_beat_signals,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #7f5abc51432fe5b2 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/celery/__init__.py:16
from sentry_sdk.integrations.celery.utils import _now_seconds_since_epoch

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #b3df65d52187acca Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/celery/__init__.py:17
from sentry_sdk.integrations.logging import ignore_logger

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #05a00ee4f067006e Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/celery/__init__.py:18
from sentry_sdk.scope import Scope, should_send_default_pii

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #a94822f7a85c055f Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/celery/__init__.py:19
from sentry_sdk.traces import StreamedSpan, get_current_span

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #8e4f3f54b415fe2e Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/celery/__init__.py:20
from sentry_sdk.tracing import BAGGAGE_HEADER_NAME, Span, TransactionSource

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #a8e298dab39196ab Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/celery/__init__.py:21
from sentry_sdk.tracing_utils import Baggage, has_span_streaming_enabled

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #c9dedc218724f80a Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/celery/__init__.py:22
from sentry_sdk.utils import (
    SENSITIVE_DATA_SUBSTITUTE,
    capture_internal_exceptions,
    event_from_exception,
    reraise,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #e938ea3772ea8031 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/celery/__init__.py:32
    from sentry_sdk._types import Event, EventProcessor, ExcInfo, Hint

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #b3d2f87ff3d5bf9d Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/celery/__init__.py:95
    client = sentry_sdk.get_client()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #ed8792c0b450e3c5 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/celery/__init__.py:99
        scope = sentry_sdk.get_current_scope()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #4ce2d68097d3d324 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/celery/__init__.py:108
    client = sentry_sdk.get_client()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #866be6e68d0c3e06 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/celery/__init__.py:128
    sentry_sdk.capture_event(event, hint=hint)

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #ac34bc0964f80cc7 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/celery/__init__.py:181
            sentry_sdk.get_isolation_scope().iter_trace_propagation_headers(span=span)

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #af280973134689b1 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/celery/__init__.py:263
        client = sentry_sdk.get_client()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #c9babea8edc2c125 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/celery/__init__.py:285
        task_started_from_beat = sentry_sdk.get_isolation_scope()._name == "celery-beat"

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #97a730ec0062a68b Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/celery/__init__.py:300
                span_mgr = sentry_sdk.start_span(
                    op=OP.QUEUE_SUBMIT_CELERY,
                    name=task_name,
                    origin=CeleryIntegration.origin,
                )

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #b89727110ff6af51 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/celery/__init__.py:324
        client = sentry_sdk.get_client()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #9fa21a4a6befc44a Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/celery/__init__.py:330
        with isolation_scope() as scope:

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #8d4b62e904d0bad7 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/celery/__init__.py:381
                    span_ctx = sentry_sdk.start_transaction(
                        span,
                        custom_sampling_context=custom_sampling_context,
                    )

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #d46025daaafdcf69 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/celery/__init__.py:415
        client = sentry_sdk.get_client()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #5313412081fa22db Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/celery/__init__.py:432
                span = sentry_sdk.start_span(
                    op=OP.QUEUE_PROCESS,
                    name=task.name,
                    origin=CeleryIntegration.origin,
                )

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #8beb12cfff0ec0ff Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/celery/__init__.py:534
                    sentry_sdk.get_client().get_integration(CeleryIntegration)

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #dbc91f420b0f5bfb Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/celery/__init__.py:537
                    sentry_sdk.flush()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #be812c03cd50e972 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/celery/__init__.py:546
        client = sentry_sdk.get_client()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #0bd6a0e3d8aa6d0a Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/celery/__init__.py:579
            span = sentry_sdk.start_span(
                op=OP.QUEUE_PUBLISH,
                name=task_name,
                origin=CeleryIntegration.origin,
            )

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #0e06774e5de2de7d Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/celery/beat.py:3
import sentry_sdk

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #c6bac8ecfcc893a0 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/celery/beat.py:4
from sentry_sdk.crons import MonitorStatus, capture_checkin

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #fb38f45268469819 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/celery/beat.py:5
from sentry_sdk.integrations import DidNotEnable

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #fc44920debc4534a Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/celery/beat.py:6
from sentry_sdk.integrations.celery.utils import (
    _get_humanized_interval,
    _now_seconds_since_epoch,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #005b76acb88cdc04 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/celery/beat.py:10
from sentry_sdk.utils import (
    logger,
    match_regex_list,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #5a521bb5ff83470e Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/celery/beat.py:19
    from sentry_sdk._types import (
        MonitorConfig,
        MonitorConfigScheduleType,
        MonitorConfigScheduleUnit,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #37b1dbfe1b2f2285 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/celery/beat.py:184
    from sentry_sdk.integrations.celery import CeleryIntegration

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #f4f04e385d47f2e8 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/celery/beat.py:187
        integration = sentry_sdk.get_client().get_integration(CeleryIntegration)

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #2647f07df8dfccdd Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/celery/beat.py:192
        scope = sentry_sdk.get_isolation_scope()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #fb5c94aa49be1051 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/celery/utils.py:7
    from sentry_sdk._types import MonitorConfigScheduleUnit

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #8c0e6bf9df1a209b Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/chalice.py:4
import sentry_sdk

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #77e5976dead154bc Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/chalice.py:5
from sentry_sdk.integrations import DidNotEnable, Integration

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #81af631f83749e56 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/chalice.py:6
from sentry_sdk.integrations._wsgi_common import _filter_headers

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #67fda723fd1760a2 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/chalice.py:7
from sentry_sdk.integrations.aws_lambda import _make_request_event_processor

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #4968e0a0be56d372 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/chalice.py:8
from sentry_sdk.traces import (
    SpanStatus,
    StreamedSpan,
    get_current_span,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #dbbf0bdbeb07d390 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/chalice.py:13
from sentry_sdk.tracing import TransactionSource

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #776d1fc26043bdc3 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/chalice.py:14
from sentry_sdk.tracing_utils import has_span_streaming_enabled

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #b70090db91c497a6 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/chalice.py:15
from sentry_sdk.utils import (
    capture_internal_exceptions,
    event_from_exception,
    parse_version,
    reraise,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #03b5cc8fd7ed0e1f Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/chalice.py:42
        client = sentry_sdk.get_client()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #ab8b2b073b95ff60 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/chalice.py:44
        with sentry_sdk.isolation_scope() as scope:

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #deb2658b6bf0091e Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/chalice.py:59
                sentry_sdk.capture_event(event, hint=hint)

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #0b11eaecd451bb47 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/chalice.py:69
        client = sentry_sdk.get_client()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #de393fb6df86db3b Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/chalice.py:70
        with sentry_sdk.isolation_scope() as scope:

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #165ded76e4632004 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/chalice.py:125
                    sentry_sdk.capture_event(sentry_event, hint=hint)

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #fd151097f69d3de0 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/chalice.py:145
                    sentry_sdk.capture_event(sentry_event, hint=hint)

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #bf3acf549898f310 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/clickhouse_driver.py:4
import sentry_sdk

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #361572f6437cfb52 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/clickhouse_driver.py:5
from sentry_sdk.consts import OP, SPANDATA

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #fc4e4d52a4620c08 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/clickhouse_driver.py:6
from sentry_sdk.integrations import DidNotEnable, Integration, _check_minimum_version

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #9ca4cd427e862b5f Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/clickhouse_driver.py:7
from sentry_sdk.scope import should_send_default_pii

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #6c6c5d0e561deadf Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/clickhouse_driver.py:8
from sentry_sdk.traces import StreamedSpan

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #d8444a249c2c87e3 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/clickhouse_driver.py:9
from sentry_sdk.tracing import Span

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #de8018c6ee9e37ac Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/clickhouse_driver.py:10
from sentry_sdk.tracing_utils import has_span_streaming_enabled

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #e68080b1cf48dd37 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/clickhouse_driver.py:11
from sentry_sdk.utils import capture_internal_exceptions

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #8d09b759543a0e55 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/clickhouse_driver.py:78
        client = sentry_sdk.get_client()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #30a73ebd1323151b Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/clickhouse_driver.py:97
            span = sentry_sdk.start_span(
                op=OP.DB,
                name=query,
                origin=ClickhouseDriverIntegration.origin,
            )

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #7289883af06ab1e8 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/cloud_resource_context.py:6
from sentry_sdk.api import set_context

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #4c23771c05cf255b Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/cloud_resource_context.py:7
from sentry_sdk.integrations import Integration

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #35aad83b348d8951 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/cloud_resource_context.py:8
from sentry_sdk.utils import logger

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #d2d1d85dd9c9546f Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/cohere.py:5
from sentry_sdk import consts

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #f48899f6a433d289 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/cohere.py:6
from sentry_sdk.ai.monitoring import record_token_usage

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #c940a5b9438d7867 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/cohere.py:7
from sentry_sdk.ai.utils import get_start_span_function, set_data_normalized

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #6b52a00d863f64d6 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/cohere.py:8
from sentry_sdk.consts import SPANDATA

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #355434ab37632b43 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/cohere.py:9
from sentry_sdk.traces import StreamedSpan

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #ffd6cde23ca6bd21 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/cohere.py:10
from sentry_sdk.tracing_utils import has_span_streaming_enabled

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #a025e5a259fdff86 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/cohere.py:15
    from sentry_sdk.tracing import Span

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #201880aced84947a Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/cohere.py:17
import sentry_sdk

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #d3fdd708342a58e1 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/cohere.py:18
from sentry_sdk.integrations import DidNotEnable, Integration

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #168154eae2d8d80c Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/cohere.py:19
from sentry_sdk.scope import should_send_default_pii

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #d1c647d4f3bd4304 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/cohere.py:20
from sentry_sdk.utils import capture_internal_exceptions, event_from_exception, reraise

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #3fb213e66b79d8e1 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/cohere.py:89
        client_options=sentry_sdk.get_client().options,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #02c34abad0aec49a Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/cohere.py:92
    sentry_sdk.capture_event(event, hint=hint)

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #0255046e0060989a Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/cohere.py:142
        integration = sentry_sdk.get_client().get_integration(CohereIntegration)

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #1defa4270fe6e4f3 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/cohere.py:144
            sentry_sdk.get_client().options

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #86d791815a183704 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/cohere.py:244
        integration = sentry_sdk.get_client().get_integration(CohereIntegration)

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #eb81a88e95a38911 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/cohere.py:249
            sentry_sdk.get_client().options

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #0f71bd29fb8b2046 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/dedupe.py:4
import sentry_sdk

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #d5a65f4048f5c776 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/dedupe.py:5
from sentry_sdk.integrations import Integration

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #b98b9ae151dd6e2a Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/dedupe.py:6
from sentry_sdk.scope import add_global_event_processor

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #c4f7cfdfb0169fce Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/dedupe.py:7
from sentry_sdk.utils import ContextVar, logger

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #840a76f51c05b6fa Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/dedupe.py:12
    from sentry_sdk._types import Event, Hint

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #3fefd99761f1a26a Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/dedupe.py:28
            integration = sentry_sdk.get_client().get_integration(DedupeIntegration)

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #1106a12b12b2fcff Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/dedupe.py:58
        integration = sentry_sdk.get_client().get_integration(DedupeIntegration)

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #1898b065ad47c62c Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/django/__init__.py:7
import sentry_sdk

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #714d5b3ecf347534 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/django/__init__.py:8
from sentry_sdk.consts import OP, SPANDATA, SPANNAME

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #fdfb9ecc9a619c2a Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/django/__init__.py:9
from sentry_sdk.integrations import DidNotEnable, Integration, _check_minimum_version

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #e94df8b14183e10a Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/django/__init__.py:10
from sentry_sdk.integrations._wsgi_common import (
    DEFAULT_HTTP_METHODS_TO_CAPTURE,
    RequestExtractor,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #3091e45c3e5f0c3c Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/django/__init__.py:14
from sentry_sdk.integrations.logging import ignore_logger

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #bd43aa6f377aa59d Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/django/__init__.py:15
from sentry_sdk.integrations.wsgi import SentryWsgiMiddleware

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #60a3e4ebc6ec913a Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/django/__init__.py:16
from sentry_sdk.scope import add_global_event_processor, should_send_default_pii

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #8f74816068b0dbb2 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/django/__init__.py:17
from sentry_sdk.serializer import add_global_repr_processor, add_repr_sequence_type

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #382d8f9357d0b48e Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/django/__init__.py:18
from sentry_sdk.traces import StreamedSpan

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #3088da3a86c8f1d6 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/django/__init__.py:19
from sentry_sdk.tracing import SOURCE_FOR_STYLE, TransactionSource

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #359a2a236879dd52 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/django/__init__.py:20
from sentry_sdk.tracing_utils import (
    add_query_source,
    has_span_streaming_enabled,
    record_sql_queries,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #018b1d757a00b341 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/django/__init__.py:25
from sentry_sdk.utils import (
    CONTEXTVARS_ERROR_MESSAGE,
    HAS_REAL_CONTEXTVARS,
    SENSITIVE_DATA_SUBSTITUTE,
    AnnotatedValue,
    capture_internal_exceptions,
    ensure_integration_enabled,
    event_from_exception,
    logger,
    transaction_from_function,
    walk_exception_chain,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #4bd6512d66148817 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/django/__init__.py:64
from sentry_sdk.integrations.django.middleware import patch_django_middlewares

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #588245d5cee099a8 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/django/__init__.py:65
from sentry_sdk.integrations.django.signals_handlers import patch_signals

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #2d568030632178af Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/django/__init__.py:66
from sentry_sdk.integrations.django.tasks import patch_tasks

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #9c48f58e4baa34e4 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/django/__init__.py:67
from sentry_sdk.integrations.django.templates import (
    get_template_frame_from_exception,
    patch_templates,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #cf6157266d789792 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/django/__init__.py:71
from sentry_sdk.integrations.django.transactions import LEGACY_RESOLVER

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #b7d49d3e8fd9a43b Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/django/__init__.py:72
from sentry_sdk.integrations.django.views import patch_views

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #96b9b7bae01af4f2 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/django/__init__.py:75
    from sentry_sdk.integrations.django.caching import patch_caching

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #2383680a9babde7d Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/django/__init__.py:89
    from sentry_sdk._types import Event, EventProcessor, Hint, NotImplementedType

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #cf9d3216e65de6b1 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/django/__init__.py:90
    from sentry_sdk.integrations.wsgi import _ScopedResponse

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #975ce5a4afd438e5 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/django/__init__.py:91
    from sentry_sdk.traces import StreamedSpan

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #b7739a47e08408a7 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/django/__init__.py:92
    from sentry_sdk.tracing import Span

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #3b3eb1d668b4262a Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/django/__init__.py:181
            integration = sentry_sdk.get_client().get_integration(DjangoIntegration)

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #bcca2aad89d7ef14 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/django/__init__.py:361
    from sentry_sdk.integrations.django.asgi import patch_channels_asgi_handler_impl

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #207b503e67cc3e8f Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/django/__init__.py:382
    from sentry_sdk.integrations.django.asgi import patch_django_asgi_handler_impl

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #acbe4ffdc52a98cb Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/django/__init__.py:431
    integration = sentry_sdk.get_client().get_integration(DjangoIntegration)

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #8f230c1eeb58ec92 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/django/__init__.py:437
    scope = sentry_sdk.get_current_scope()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #2a9f00916f23d59d Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/django/__init__.py:461
    client = sentry_sdk.get_client()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #b3d7198c4e07d2f7 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/django/__init__.py:467
        scope = sentry_sdk.get_current_scope()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #e1cf82d647427461 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/django/__init__.py:501
        sentry_sdk.set_user(user_info)

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #511538ef03ca47fa Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/django/__init__.py:523
        from sentry_sdk.integrations.django.asgi import patch_get_response_async

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #af5bd0c779ea76a1 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/django/__init__.py:557
    client = sentry_sdk.get_client()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #139538f21c477a9d Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/django/__init__.py:563
        scope = sentry_sdk.get_current_scope()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #6c7cc9123d154fd0 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/django/__init__.py:571
    sentry_sdk.capture_event(event, hint=hint)

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #942b430a6f165ff7 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/django/__init__.py:723
            sentry_sdk.add_breadcrumb(message="connect", category="query")

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #97488b104d0671f8 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/django/__init__.py:725
        span_streaming = has_span_streaming_enabled(sentry_sdk.get_client().options)

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #c0c3ee41a9c0329d Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/django/__init__.py:737
            with sentry_sdk.start_span(
                op=OP.DB,
                name="connect",
                origin=DjangoIntegration.origin_db,
            ) as span:

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #97dc7abec7dc44b7 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/django/__init__.py:746
        integration = sentry_sdk.get_client().get_integration(DjangoIntegration)

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #eeb24cc31084a797 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/django/__init__.py:751
        span_streaming = has_span_streaming_enabled(sentry_sdk.get_client().options)

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #f667b99220e4eb23 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/django/__init__.py:763
            with sentry_sdk.start_span(
                op=OP.DB,
                name=SPANNAME.DB_COMMIT,
                origin=DjangoIntegration.origin_db,
            ) as span:

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #5196da36e7794cd7 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/django/__init__.py:772
        integration = sentry_sdk.get_client().get_integration(DjangoIntegration)

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #438e4bf1bcbca92a Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/django/__init__.py:777
        span_streaming = has_span_streaming_enabled(sentry_sdk.get_client().options)

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #eb03a65fa827a76c Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/django/__init__.py:789
            with sentry_sdk.start_span(
                op=OP.DB,
                name=SPANNAME.DB_ROLLBACK,
                origin=DjangoIntegration.origin_db,
            ) as span:

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #45148dfec5e786c4 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/django/asgi.py:16
import sentry_sdk

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #0019c03e25aaa57e Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/django/asgi.py:17
from sentry_sdk.consts import OP

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #4d6632f36116c7b8 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/django/asgi.py:18
from sentry_sdk.integrations.asgi import SentryAsgiMiddleware

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #4e2ed5afab60f123 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/django/asgi.py:19
from sentry_sdk.scope import should_send_default_pii

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #cd7b7b17b4bb377e Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/django/asgi.py:20
from sentry_sdk.traces import StreamedSpan

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #78692c34d9612e4b Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/django/asgi.py:21
from sentry_sdk.tracing_utils import has_span_streaming_enabled

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #7afde3923439d1d3 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/django/asgi.py:22
from sentry_sdk.utils import (
    capture_internal_exceptions,
    ensure_integration_enabled,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #2377864e2d59dc9c Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/django/asgi.py:33
    from sentry_sdk._types import Event, EventProcessor

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #44157742ae8848d8 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/django/asgi.py:59
        from sentry_sdk.integrations.django import (
            DjangoRequestExtractor,
            _set_user_info,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #a0d10af22bd38113 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/django/asgi.py:83
    from sentry_sdk.integrations.django import DjangoIntegration

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #5888d866347d0ab3 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/django/asgi.py:90
        integration = sentry_sdk.get_client().get_integration(DjangoIntegration)

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #cdd304b12a711595 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/django/asgi.py:114
            scope = sentry_sdk.get_isolation_scope()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #2c1a021f19b3d4de Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/django/asgi.py:137
    from sentry_sdk.integrations.django import DjangoIntegration

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #92272387c1ae3e24 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/django/asgi.py:145
            integration = sentry_sdk.get_client().get_integration(DjangoIntegration)

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #1e8743c90fbf5fdb Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/django/asgi.py:167
    from sentry_sdk.integrations.django import DjangoIntegration

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #4248dcc8e9846edd Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/django/asgi.py:173
        client = sentry_sdk.get_client()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #1ee995817425039b Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/django/asgi.py:175
        current_scope = sentry_sdk.get_current_scope()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #fdcacb3ed3689542 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/django/asgi.py:185
        sentry_scope = sentry_sdk.get_isolation_scope()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #94f8d9226ba30120 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/django/asgi.py:203
            with sentry_sdk.start_span(
                op=OP.VIEW_RENDER,
                name=request.resolver_match.view_name,
                origin=DjangoIntegration.origin,
            ):

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #8518b3676ab00289 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/django/caching.py:8
import sentry_sdk

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #aad0f0379acacbbf Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/django/caching.py:9
from sentry_sdk.consts import OP, SPANDATA

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #37471619b038a5ab Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/django/caching.py:10
from sentry_sdk.integrations.redis.utils import _get_safe_key, _key_as_string

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #d34bc3a798a27d38 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/django/caching.py:11
from sentry_sdk.tracing_utils import has_span_streaming_enabled

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #900dc399e8231b6d Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/django/caching.py:12
from sentry_sdk.utils import (
    capture_internal_exceptions,
    ensure_integration_enabled,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #dfa1b0d9c407b38e Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/django/caching.py:41
    from sentry_sdk.integrations.django import DjangoIntegration

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #3c0d784f80cc7749 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/django/caching.py:62
        span_streaming = has_span_streaming_enabled(sentry_sdk.get_client().options)

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #e846461b59b64bba Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/django/caching.py:117
            with sentry_sdk.start_span(
                op=op,
                name=description,
                origin=DjangoIntegration.origin,
            ) as span:

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #fcc737445b2869e7 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/django/caching.py:214
    from sentry_sdk.integrations.django import DjangoIntegration

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #248cbbd4c78d151b Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/django/caching.py:216
    client = sentry_sdk.get_client()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #42bea4625020fe83 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/django/middleware.py:10
import sentry_sdk

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #626e0d3eabfdcfa8 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/django/middleware.py:11
from sentry_sdk.consts import OP, SPANDATA

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #e5eb47262c1b0f33 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/django/middleware.py:12
from sentry_sdk.tracing_utils import has_span_streaming_enabled

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #a244399875375439 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/django/middleware.py:13
from sentry_sdk.utils import (
    ContextVar,
    capture_internal_exceptions,
    transaction_from_function,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #f7e56bfec25aca52 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/django/middleware.py:22
    from sentry_sdk.traces import StreamedSpan

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #2362754011c1e429 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/django/middleware.py:23
    from sentry_sdk.tracing import Span

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #f0f3850b5aa743c9 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/django/middleware.py:68
    from sentry_sdk.integrations.django import DjangoIntegration

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #94b9b8412dfd575b Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/django/middleware.py:73
        integration = sentry_sdk.get_client().get_integration(DjangoIntegration)

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #6e80a0475399a00f Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/django/middleware.py:84
        span_streaming = has_span_streaming_enabled(sentry_sdk.get_client().options)

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #7799fcf8db12aca0 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/django/middleware.py:96
            middleware_span = sentry_sdk.start_span(
                op=OP.MIDDLEWARE_DJANGO,
                name=description,
                origin=DjangoIntegration.origin,
            )

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #8e21f529ef25369f Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/django/signals_handlers.py:6
import sentry_sdk

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #67d34f4362372064 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/django/signals_handlers.py:7
from sentry_sdk.consts import OP, SPANDATA

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #4ecbc32b87033c80 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/django/signals_handlers.py:8
from sentry_sdk.integrations.django import DJANGO_VERSION

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #6e2ec523b57c0fb3 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/django/signals_handlers.py:9
from sentry_sdk.tracing_utils import has_span_streaming_enabled

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #58d1b162770bbfd6 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/django/signals_handlers.py:47
    from sentry_sdk.integrations.django import DjangoIntegration

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #ca5edebe48945483 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/django/signals_handlers.py:68
                    sentry_sdk.get_client().options

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #eb52a3984641e994 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/django/signals_handlers.py:81
                    with sentry_sdk.start_span(
                        op=OP.EVENT_DJANGO,
                        name=signal_name,
                        origin=DjangoIntegration.origin,
                    ) as span:

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #83b3f35f36382524 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/django/signals_handlers.py:91
        integration = sentry_sdk.get_client().get_integration(DjangoIntegration)

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #642b7b71bc16cb14 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/django/tasks.py:3
import sentry_sdk

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #2d53d8928b43a832 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/django/tasks.py:4
from sentry_sdk.consts import OP

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #cfdffea7eeefab22 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/django/tasks.py:5
from sentry_sdk.tracing_utils import has_span_streaming_enabled

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #03cf8544f8d34ed6 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/django/tasks.py:6
from sentry_sdk.utils import qualname_from_function

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #8e077310d557cf32 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/django/tasks.py:28
        from sentry_sdk.integrations.django import DjangoIntegration

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #c60f7d71763274f0 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/django/tasks.py:30
        integration = sentry_sdk.get_client().get_integration(DjangoIntegration)

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #e5176ef1bcbc425b Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/django/tasks.py:36
        span_streaming = has_span_streaming_enabled(sentry_sdk.get_client().options)

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #34392b9088e13616 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/django/tasks.py:47
            with sentry_sdk.start_span(
                op=OP.QUEUE_SUBMIT_DJANGO, name=name, origin=DjangoIntegration.origin
            ):

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #b894ecabb0b35717 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/django/templates.py:8
import sentry_sdk

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #e25f8557607533bd Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/django/templates.py:9
from sentry_sdk.consts import OP

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #34ff36d51d71be5f Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/django/templates.py:10
from sentry_sdk.tracing_utils import has_span_streaming_enabled

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #ae08c7ca394d4f9a Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/django/templates.py:11
from sentry_sdk.utils import ensure_integration_enabled

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #7f6bc2a58f212119 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/django/templates.py:58
    from sentry_sdk.integrations.django import DjangoIntegration

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #cbd705d6865018d0 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/django/templates.py:65
        span_streaming = has_span_streaming_enabled(sentry_sdk.get_client().options)

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #f21683a6c44750bd Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/django/templates.py:76
            with sentry_sdk.start_span(
                op=OP.TEMPLATE_RENDER,
                name=_get_template_name_description(self.template_name),
                origin=DjangoIntegration.origin,
            ) as span:

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #16921f020dd848ec Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/django/templates.py:105
                sentry_sdk.get_current_scope().trace_propagation_meta()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #8539ead8031bacb3 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/django/templates.py:108
        client = sentry_sdk.get_client()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #a9a1e6d5cd4673e0 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/django/templates.py:121
            with sentry_sdk.start_span(
                op=OP.TEMPLATE_RENDER,
                name=_get_template_name_description(template_name),
                origin=DjangoIntegration.origin,
            ) as span:

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #860d6ffa64fda5c7 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/django/views.py:4
import sentry_sdk

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #2463cde0f0915b6e Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/django/views.py:5
from sentry_sdk.consts import OP

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #0c2c3fa5acb9810b Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/django/views.py:6
from sentry_sdk.traces import StreamedSpan

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #1c77f0c9ef5b9ee7 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/django/views.py:7
from sentry_sdk.tracing_utils import has_span_streaming_enabled

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #4723fda48f56ce9a Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/django/views.py:20
    from sentry_sdk.integrations.django.asgi import wrap_async_view

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #1e0cb11753a8b52b Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/django/views.py:29
    from sentry_sdk.integrations.django import DjangoIntegration

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #1ad8b38c19a44a2e Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/django/views.py:35
        span_streaming = has_span_streaming_enabled(sentry_sdk.get_client().options)

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #4f1b252271fdfc0d Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/django/views.py:46
            with sentry_sdk.start_span(
                op=OP.VIEW_RESPONSE_RENDER,
                name="serialize response",
                origin=DjangoIntegration.origin,
            ):

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #fa516d79ab356fbe Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/django/views.py:62
        integration = sentry_sdk.get_client().get_integration(DjangoIntegration)

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #7720c64adb226675 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/django/views.py:84
    from sentry_sdk.integrations.django import DjangoIntegration

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #a01d60098abbc51f Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/django/views.py:88
        client = sentry_sdk.get_client()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #ee91f4d674d1703b Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/django/views.py:90
        current_scope = sentry_sdk.get_current_scope()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #8550e1e1a3e012a5 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/django/views.py:100
        sentry_scope = sentry_sdk.get_isolation_scope()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #e78b4c611f29d70f Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/django/views.py:120
            with sentry_sdk.start_span(
                op=OP.VIEW_RENDER,
                name=request.resolver_match.view_name,
                origin=DjangoIntegration.origin,
            ):

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #b01dd8d50ff020b5 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/dramatiq.py:4
import sentry_sdk

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #f72acec73189195f Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/dramatiq.py:5
from sentry_sdk.api import continue_trace, get_baggage, get_traceparent

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #5f05b1985dfe631d Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/dramatiq.py:6
from sentry_sdk.consts import OP, SPANDATA, SPANSTATUS

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #ef5f0f60ee2f533f Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/dramatiq.py:7
from sentry_sdk.integrations import DidNotEnable, Integration

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #19048f62d406f64e Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/dramatiq.py:8
from sentry_sdk.integrations._wsgi_common import request_body_within_bounds

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #a637b1aedf72d951 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/dramatiq.py:9
from sentry_sdk.traces import SegmentSource

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #3d249f78abbcace9 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/dramatiq.py:10
from sentry_sdk.tracing import (
    BAGGAGE_HEADER_NAME,
    SENTRY_TRACE_HEADER_NAME,
    TransactionSource,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #cf6d218960adc139 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/dramatiq.py:15
from sentry_sdk.tracing_utils import has_span_streaming_enabled

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #cf83f60b1ecadc37 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/dramatiq.py:16
from sentry_sdk.utils import (
    AnnotatedValue,
    capture_internal_exceptions,
    event_from_exception,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #4184bd31beab567e Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/dramatiq.py:37
    from sentry_sdk._types import Event, Hint

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #eaa00c960a5d805a Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/dramatiq.py:66
        integration = sentry_sdk.get_client().get_integration(DramatiqIntegration)

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #1e9eddd14fa2eb57 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/dramatiq.py:109
        integration = sentry_sdk.get_client().get_integration(DramatiqIntegration)

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #a436e156c28b3b5e Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/dramatiq.py:119
        client = sentry_sdk.get_client()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #6f4c57ad63202f92 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/dramatiq.py:124
        message._scope_manager = sentry_sdk.isolation_scope()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #2cae201ee82cd314 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/dramatiq.py:157
            sentry_sdk.start_transaction(
                transaction,
                name=message.actor_name,
                op=OP.QUEUE_TASK_DRAMATIQ,
                source=TransactionSource.TASK,
            )

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #dda37857eea738bf Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/dramatiq.py:177
        integration = sentry_sdk.get_client().get_integration(DramatiqIntegration)

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #6afb43ef94010148 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/dramatiq.py:202
            client_options=sentry_sdk.get_client().options,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #b61c8b2d84017932 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/dramatiq.py:208
        sentry_sdk.capture_event(event, hint=hint)

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #1eb3fab1920852ba Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/dramatiq.py:236
        client = sentry_sdk.get_client()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #5152d93c3f824dec Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/excepthook.py:4
import sentry_sdk

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #83a43f766863e51a Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/excepthook.py:5
from sentry_sdk.integrations import Integration

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #3fefa260beb098ea Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/excepthook.py:6
from sentry_sdk.utils import (
    capture_internal_exceptions,
    event_from_exception,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #c83925089e562d8e Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/excepthook.py:45
        integration = sentry_sdk.get_client().get_integration(ExcepthookIntegration)

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #01a2ae9241ed2418 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/excepthook.py:57
                    client_options=sentry_sdk.get_client().options,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #6038e87e224538bd Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/excepthook.py:60
                sentry_sdk.capture_event(event, hint=hint)

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #f27915d4c225b754 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/executing.py:3
import sentry_sdk

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #1713d28d0d6f012f Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/executing.py:4
from sentry_sdk.integrations import DidNotEnable, Integration

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #c54669b76d96dbc5 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/executing.py:5
from sentry_sdk.scope import add_global_event_processor

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #b12a6ce97fe709df Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/executing.py:6
from sentry_sdk.utils import iter_stacks, walk_exception_chain

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #f56214603e98fd13 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/executing.py:11
    from sentry_sdk._types import Event, Hint

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #f5713f3dc3ce0255 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/executing.py:28
            if sentry_sdk.get_client().get_integration(ExecutingIntegration) is None:

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #16581ef1362b49b1 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/falcon.py:3
import sentry_sdk

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #71275e2ae6094607 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/falcon.py:4
from sentry_sdk.integrations import DidNotEnable, Integration, _check_minimum_version

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #361b87d3fd3ab94a Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/falcon.py:5
from sentry_sdk.integrations._wsgi_common import RequestExtractor

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #d5fe0ec56ad5c0e7 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/falcon.py:6
from sentry_sdk.integrations.wsgi import SentryWsgiMiddleware

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #d4af49a2994d3677 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/falcon.py:7
from sentry_sdk.tracing import SOURCE_FOR_STYLE

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #8ba099e3de3df73a Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/falcon.py:8
from sentry_sdk.tracing_utils import has_span_streaming_enabled

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #9b443949f11c4934 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/falcon.py:9
from sentry_sdk.utils import (
    capture_internal_exceptions,
    ensure_integration_enabled,
    event_from_exception,
    parse_version,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #0490fc21a4810431 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/falcon.py:19
    from sentry_sdk._types import Event, EventProcessor

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #c2c7264242b82dde Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/falcon.py:100
        integration = sentry_sdk.get_client().get_integration(FalconIntegration)

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #90bead5709b028a5 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/falcon.py:104
        scope = sentry_sdk.get_isolation_scope()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #6d1bc1053884b69d Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/falcon.py:114
        client = sentry_sdk.get_client()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #81f29b400a4e618d Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/falcon.py:125
        sentry_sdk.set_transaction_name(name, source)

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #3b4e8c510e221362 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/falcon.py:161
        integration = sentry_sdk.get_client().get_integration(FalconIntegration)

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #dde03acee0af15ed Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/falcon.py:201
                client_options=sentry_sdk.get_client().options,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #068f84228e7b65a8 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/falcon.py:204
            sentry_sdk.capture_event(event, hint=hint)

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #92593b37534cfaeb Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/falcon.py:223
        integration = sentry_sdk.get_client().get_integration(FalconIntegration)

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #63ba5e7065a60395 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/fastapi.py:6
import sentry_sdk

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #9fe3edea3b8680e2 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/fastapi.py:7
from sentry_sdk.consts import SPANDATA

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #44f6bf043dce891a Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/fastapi.py:8
from sentry_sdk.integrations import DidNotEnable

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #d03fa8c624420a8c Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/fastapi.py:9
from sentry_sdk.scope import should_send_default_pii

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #5aafb10537136a45 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/fastapi.py:10
from sentry_sdk.traces import StreamedSpan, get_current_span

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #416de4c845ab3c79 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/fastapi.py:11
from sentry_sdk.tracing import SOURCE_FOR_STYLE, TransactionSource

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #15376ed03c621183 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/fastapi.py:12
from sentry_sdk.tracing_utils import has_span_streaming_enabled

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #9526b18d9506c21d Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/fastapi.py:13
from sentry_sdk.utils import transaction_from_function

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #f8d3897d7aa1565e Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/fastapi.py:18
    from sentry_sdk._types import Event

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #ab3bbdfff692fd77 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/fastapi.py:21
    from sentry_sdk.integrations.starlette import (
        StarletteIntegration,
        StarletteRequestExtractor,
        _get_cached_request_body_attribute,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #60d46821b363bff9 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/fastapi.py:100
    client = sentry_sdk.get_client()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #8d81b86e83ee76c9 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/fastapi.py:108
        sentry_sdk.get_current_scope(), integration.transaction_style, request

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #d0eb5985ba986e9e Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/fastapi.py:110
    sentry_scope = sentry_sdk.get_isolation_scope()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #eb8968cbba48116c Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/fastapi.py:172
                current_scope = sentry_sdk.get_current_scope()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #e152e40e4bf78975 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/fastapi.py:174
                client = sentry_sdk.get_client()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #37011aab08eb2c58 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/fastapi.py:185
                sentry_scope = sentry_sdk.get_isolation_scope()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #512d3d1d1df36d5f Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/flask.py:3
import sentry_sdk

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #703ec0c6d39701f0 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/flask.py:4
from sentry_sdk.integrations import DidNotEnable, Integration, _check_minimum_version

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #cb401f61f641d134 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/flask.py:5
from sentry_sdk.integrations._wsgi_common import (
    DEFAULT_HTTP_METHODS_TO_CAPTURE,
    RequestExtractor,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #b070f72fa8cd04a9 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/flask.py:9
from sentry_sdk.integrations.wsgi import SentryWsgiMiddleware

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #7e46177672dfbed5 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/flask.py:10
from sentry_sdk.scope import should_send_default_pii

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #d9d9b10cbc1728ee Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/flask.py:11
from sentry_sdk.tracing import SOURCE_FOR_STYLE

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #a05a0de9c45a281e Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/flask.py:12
from sentry_sdk.utils import (
    capture_internal_exceptions,
    ensure_integration_enabled,
    event_from_exception,
    package_version,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #8c9b3e9b7dcf3487 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/flask.py:24
    from sentry_sdk._types import Event, EventProcessor

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #5b2c7c7c9dea0a0c Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/flask.py:25
    from sentry_sdk.integrations.wsgi import _ScopedResponse

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #14771559610246de Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/flask.py:98
            integration = sentry_sdk.get_client().get_integration(FlaskIntegration)

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #a7aa68738b93c7ca Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/flask.py:122
    scope = sentry_sdk.get_current_scope()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #4e3c712ab637945a Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/flask.py:145
    integration = sentry_sdk.get_client().get_integration(FlaskIntegration)

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #be26cf5be896c55f Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/flask.py:154
        sentry_sdk.get_current_scope(), integration.transaction_style, request

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #dbe4b1af6e083d52 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/flask.py:157
    scope = sentry_sdk.get_isolation_scope()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #32228c071b7fc539 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/flask.py:226
        client_options=sentry_sdk.get_client().options,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #a443e6c9904eda4d Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/flask.py:230
    sentry_sdk.capture_event(event, hint=hint)

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #2631f7a3b006765e Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/gcp.py:8
import sentry_sdk

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #213a69392ac484d6 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/gcp.py:9
from sentry_sdk.api import continue_trace

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #58b174cd6a032420 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/gcp.py:10
from sentry_sdk.consts import OP

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #54e3aa2c255fbe17 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/gcp.py:11
from sentry_sdk.integrations import Integration

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #10e4ed9c775d5586 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/gcp.py:12
from sentry_sdk.integrations._wsgi_common import _filter_headers

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #5c7ebf3c08ade76c Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/gcp.py:13
from sentry_sdk.integrations.cloud_resource_context import CLOUD_PROVIDER

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #903dc3f7f3290da7 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/gcp.py:14
from sentry_sdk.scope import Scope, should_send_default_pii

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #0669d08179e09282 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/gcp.py:15
from sentry_sdk.traces import SegmentSource

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #877d8f68d6060277 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/gcp.py:16
from sentry_sdk.tracing import TransactionSource

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #d64c100c2446c056 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/gcp.py:17
from sentry_sdk.tracing_utils import has_span_streaming_enabled

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #7b7f255b4e7bff77 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/gcp.py:18
from sentry_sdk.utils import (
    AnnotatedValue,
    TimeoutThread,
    capture_internal_exceptions,
    event_from_exception,
    logger,
    reraise,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #c8b74576045e1885 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/gcp.py:34
    from sentry_sdk._types import Event, EventProcessor, Hint

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #7578dd6a667f6e24 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/gcp.py:44
        client = sentry_sdk.get_client()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #35c8a61d91006a1b Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/gcp.py:61
        with sentry_sdk.isolation_scope() as scope:

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #1ca8ba604898f8f6 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/gcp.py:81
                        current_scope=sentry_sdk.get_current_scope(),

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #beb2df2200956594 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/gcp.py:157
                span_ctx = sentry_sdk.start_transaction(
                    transaction, custom_sampling_context=sampling_context
                )

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #cb82b56608c4ddf3 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/gcp.py:171
                    sentry_sdk.capture_event(sentry_event, hint=hint)

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #48c5611239050392 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/gnu_backtrace.py:4
import sentry_sdk

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #14c1b2bab9f62745 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/gnu_backtrace.py:5
from sentry_sdk.integrations import Integration

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #e05528c702d97499 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/gnu_backtrace.py:6
from sentry_sdk.scope import add_global_event_processor

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #fda01bb52e84e641 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/gnu_backtrace.py:7
from sentry_sdk.utils import capture_internal_exceptions

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #e59ea3ae86447738 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/gnu_backtrace.py:12
    from sentry_sdk._types import Event

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #c7061cd8fc140205 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/gnu_backtrace.py:41
    if sentry_sdk.get_client().get_integration(GnuBacktraceIntegration) is None:

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #a287540e67c800c0 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/google_genai/__init__.py:10
import sentry_sdk

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #e5175478e38f26e1 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/google_genai/__init__.py:11
from sentry_sdk.ai.utils import get_start_span_function

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #4381e8f4ac629898 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/google_genai/__init__.py:12
from sentry_sdk.consts import OP, SPANDATA

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #a7545be93bba6a50 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/google_genai/__init__.py:13
from sentry_sdk.integrations import DidNotEnable, Integration

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #e2baaebf6f23ae92 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/google_genai/__init__.py:14
from sentry_sdk.traces import SpanStatus, StreamedSpan

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #4279dc6912d7cc1e Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/google_genai/__init__.py:15
from sentry_sdk.tracing import SPANSTATUS

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #902811788db5fee7 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/google_genai/__init__.py:16
from sentry_sdk.tracing_utils import has_span_streaming_enabled

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #b4212213d6279aed Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/google_genai/__init__.py:71
        client = sentry_sdk.get_client()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #ea0fd490a01a671a Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/google_genai/__init__.py:148
        client = sentry_sdk.get_client()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #4b906abf1628bb86 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/google_genai/__init__.py:221
        client = sentry_sdk.get_client()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #9888fde4266847fe Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/google_genai/__init__.py:285
        client = sentry_sdk.get_client()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #00666b1c2c9fbce7 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/google_genai/__init__.py:345
        client = sentry_sdk.get_client()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #28a8e9658cf1c88e Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/google_genai/__init__.py:405
        client = sentry_sdk.get_client()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #1773839a3e4b3d08 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/google_genai/streaming.py:3
from sentry_sdk.ai.utils import set_data_normalized

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #470a292010b2c329 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/google_genai/streaming.py:4
from sentry_sdk.consts import SPANDATA

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #5d1fff8c0602da3f Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/google_genai/streaming.py:5
from sentry_sdk.scope import should_send_default_pii

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #a97ab69e96d07d8f Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/google_genai/streaming.py:6
from sentry_sdk.traces import StreamedSpan

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #0df80b8c953656fd Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/google_genai/streaming.py:7
from sentry_sdk.utils import (
    safe_serialize,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #c170d328eb390cdc Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/google_genai/streaming.py:22
    from sentry_sdk.tracing import Span

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #777458739e44f1d5 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/google_genai/utils.py:20
import sentry_sdk

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #b9598714d8ef5bc1 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/google_genai/utils.py:21
from sentry_sdk._types import BLOB_DATA_SUBSTITUTE

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #e98e8c961da74dd0 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/google_genai/utils.py:22
from sentry_sdk.ai.utils import (
    get_modality_from_mime_type,
    normalize_message_roles,
    set_data_normalized,
    transform_google_content_part,
    truncate_and_annotate_messages,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #052083644f6a025b Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/google_genai/utils.py:29
from sentry_sdk.consts import OP, SPANDATA

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #df7de5addb06481a Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/google_genai/utils.py:30
from sentry_sdk.scope import should_send_default_pii

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #7a4a632b5453f0d5 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/google_genai/utils.py:31
from sentry_sdk.traces import StreamedSpan

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #335eb6d61ef38918 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/google_genai/utils.py:32
from sentry_sdk.tracing_utils import (
    has_span_streaming_enabled,
    should_truncate_gen_ai_input,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #475ccedf2dfbdcf3 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/google_genai/utils.py:36
from sentry_sdk.utils import (
    capture_internal_exceptions,
    event_from_exception,
    safe_serialize,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #4eb00f56274b920d Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/google_genai/utils.py:55
    from sentry_sdk._types import TextPart

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #9e463d6e2fc27958 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/google_genai/utils.py:56
    from sentry_sdk.tracing import Span

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #b480506a08ff8721 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/google_genai/utils.py:160
        client_options=sentry_sdk.get_client().options,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #b2bf0a85913ce7d0 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/google_genai/utils.py:163
    sentry_sdk.capture_event(event, hint=hint)

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #8cb210bbb3f66026 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/google_genai/utils.py:676
    span_streaming = has_span_streaming_enabled(sentry_sdk.get_client().options)

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #d6992aa1d4c3806b Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/google_genai/utils.py:690
    span = sentry_sdk.start_span(
        op=OP.GEN_AI_EXECUTE_TOOL,
        name=f"execute_tool {tool_name}",
        origin=ORIGIN,
    )

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #815c8d76fa6370b0 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/google_genai/utils.py:924
            client = sentry_sdk.get_client()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #00ebae92dd852951 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/google_genai/utils.py:925
            scope = sentry_sdk.get_current_scope()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #874fb929152e6a3a Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/gql.py:1
import sentry_sdk

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #fbb715d79fe19cb2 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/gql.py:2
from sentry_sdk.integrations import DidNotEnable, Integration, _check_minimum_version

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #8e4836387f145e05 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/gql.py:3
from sentry_sdk.scope import should_send_default_pii

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #d6ead448904b412f Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/gql.py:4
from sentry_sdk.utils import (
    ensure_integration_enabled,
    event_from_exception,
    parse_version,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #8973ea459923fa4b Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/gql.py:40
    from sentry_sdk._types import Event, EventProcessor

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #d504d0a33d1321c0 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/gql.py:113
        scope = sentry_sdk.get_isolation_scope()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #20c31b15276e0ebf Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/gql.py:123
                client_options=sentry_sdk.get_client().options,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #d0f8944b970d237d Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/gql.py:127
            sentry_sdk.capture_event(event, hint)

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #4d30f824919c0a4c Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/graphene.py:3
import sentry_sdk

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #061649360786a84f Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/graphene.py:4
from sentry_sdk.consts import OP

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #a16d0b3770836058 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/graphene.py:5
from sentry_sdk.integrations import DidNotEnable, Integration, _check_minimum_version

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #36b684455aff7249 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/graphene.py:6
from sentry_sdk.scope import should_send_default_pii

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #3223ad9973ad9b6d Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/graphene.py:7
from sentry_sdk.tracing_utils import has_span_streaming_enabled

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #5c853f28c722a8a3 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/graphene.py:8
from sentry_sdk.utils import (
    capture_internal_exceptions,
    ensure_integration_enabled,
    event_from_exception,
    package_version,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #73daa6a0d0ec761f Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/graphene.py:30
    from sentry_sdk._types import Event

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #b27f79e7410c9a32 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/graphene.py:55
        scope = sentry_sdk.get_isolation_scope()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #95939c13e3c08b88 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/graphene.py:62
            client = sentry_sdk.get_client()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #15a3517f3b81ec4f Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/graphene.py:72
                sentry_sdk.capture_event(event, hint=hint)

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #478a404851b7425d Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/graphene.py:82
        integration = sentry_sdk.get_client().get_integration(GrapheneIntegration)

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #c76b485de1b5159c Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/graphene.py:86
        scope = sentry_sdk.get_isolation_scope()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #e40ab6d1e15db9d6 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/graphene.py:93
            client = sentry_sdk.get_client()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #24738da0b8f2113f Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/graphene.py:103
                sentry_sdk.capture_event(event, hint=hint)

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #b8f0ec96210c9a93 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/graphene.py:137
    sentry_sdk.add_breadcrumb(
        crumb={
            "data": {
                "operation_name": operation_name,
                "operation_type": operation_type,
            },
            "category": "graphql.operation",
        },
    )

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #b97ff008e56cb7b4 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/graphene.py:148
        sentry_sdk.get_client().options

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #f7a369b947383cb1 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/graphene.py:166
        _graphql_span = sentry_sdk.start_span(op=op, name=operation_name)

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #96a6206fd5d4f2e0 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/grpc/__init__.py:4
from sentry_sdk.integrations import DidNotEnable, Integration

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #0ae81f2de469c249 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/grpc/__init__.py:5
from sentry_sdk.utils import parse_version

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #c5155540bc09d630 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/grpc/aio/client.py:3
import sentry_sdk

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #709ecc3c26aad476 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/grpc/aio/client.py:4
from sentry_sdk.consts import OP, SPANDATA

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #dc4755fed939170b Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/grpc/aio/client.py:5
from sentry_sdk.integrations import DidNotEnable

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #d8ea761b9033ebfd Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/grpc/aio/client.py:6
from sentry_sdk.integrations.grpc.consts import SPAN_ORIGIN

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #a1aa4ef419741c37 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/grpc/aio/client.py:7
from sentry_sdk.tracing_utils import has_span_streaming_enabled

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #242ae6c1836f5e82 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/grpc/aio/client.py:39
        ) in sentry_sdk.get_current_scope().iter_trace_propagation_headers():

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #4712d1403475a1b1 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/grpc/aio/client.py:53
        span_streaming = has_span_streaming_enabled(sentry_sdk.get_client().options)

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #b9628089fd2db2eb Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/grpc/aio/client.py:75
            with sentry_sdk.start_span(
                op=OP.GRPC_CLIENT,
                name="unary unary call to %s" % method.decode(),
                origin=SPAN_ORIGIN,
            ) as span:

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #1e554875b8854be9 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/grpc/aio/client.py:108
        span_streaming = has_span_streaming_enabled(sentry_sdk.get_client().options)

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #c36593b7afc88940 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/grpc/aio/client.py:128
            with sentry_sdk.start_span(
                op=OP.GRPC_CLIENT,
                name="unary stream call to %s" % method.decode(),
                origin=SPAN_ORIGIN,
            ) as span:

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #1cd81236b0c2f9cf Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/grpc/aio/server.py:3
import sentry_sdk

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #08b87fdba82a67ca Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/grpc/aio/server.py:4
from sentry_sdk.consts import OP

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #cacd5dbec88def43 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/grpc/aio/server.py:5
from sentry_sdk.integrations import DidNotEnable

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #60c820aff70f5cd1 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/grpc/aio/server.py:6
from sentry_sdk.integrations.grpc.consts import SPAN_ORIGIN

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #d35ed57989c29b00 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/grpc/aio/server.py:7
from sentry_sdk.traces import SegmentSource

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #2fc8017658d18f39 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/grpc/aio/server.py:8
from sentry_sdk.tracing import TransactionSource

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #8621f30ba2668141 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/grpc/aio/server.py:9
from sentry_sdk.tracing_utils import has_span_streaming_enabled

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #a9d0de8210148a46 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/grpc/aio/server.py:10
from sentry_sdk.utils import event_from_exception

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #0a324ab65b27a846 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/grpc/aio/server.py:50
                with sentry_sdk.isolation_scope():

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #93aea927f9fa1f03 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/grpc/aio/server.py:58
                        sentry_sdk.get_client().options

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #0b9690c1482f1ab5 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/grpc/aio/server.py:84
                                sentry_sdk.capture_event(event, hint=hint)

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #d11e7a019fbbf4b4 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/grpc/aio/server.py:88
                        transaction = sentry_sdk.continue_trace(
                            dict(context.invocation_metadata()),
                            op=OP.GRPC_SERVER,
                            name=name,
                            source=TransactionSource.CUSTOM,
                            origin=SPAN_ORIGIN,
                        )

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #612a0f87bfe2a67b Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/grpc/aio/server.py:96
                        with sentry_sdk.start_transaction(transaction=transaction):

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #7371a7ca1f2d8878 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/grpc/aio/server.py:106
                                sentry_sdk.capture_event(event, hint=hint)

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #89ab5d42ac28caa6 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/grpc/client.py:3
import sentry_sdk

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #13509e0943e1faf4 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/grpc/client.py:4
from sentry_sdk.consts import OP, SPANDATA

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #37dacc4be92adad8 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/grpc/client.py:5
from sentry_sdk.integrations import DidNotEnable

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #123088deaf9bd111 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/grpc/client.py:6
from sentry_sdk.integrations.grpc.consts import SPAN_ORIGIN

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #7c2d575b74491283 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/grpc/client.py:7
from sentry_sdk.tracing_utils import has_span_streaming_enabled

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #c5df1a221dcff7f2 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/grpc/client.py:34
        span_streaming = has_span_streaming_enabled(sentry_sdk.get_client().options)

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #9b81763289d6fdb9 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/grpc/client.py:57
            with sentry_sdk.start_span(
                op=OP.GRPC_CLIENT,
                name="unary unary call to %s" % method,
                origin=SPAN_ORIGIN,
            ) as span:

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #6d4c616ac747ddc9 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/grpc/client.py:84
        span_streaming = has_span_streaming_enabled(sentry_sdk.get_client().options)

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #09f84b067b9af715 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/grpc/client.py:107
            with sentry_sdk.start_span(
                op=OP.GRPC_CLIENT,
                name="unary stream call to %s" % method,
                origin=SPAN_ORIGIN,
            ) as span:

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #415ca58587596c35 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/grpc/client.py:137
        ) in sentry_sdk.get_current_scope().iter_trace_propagation_headers():

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #8d0286ca96019172 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/grpc/server.py:3
import sentry_sdk

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #dd0848063d124c94 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/grpc/server.py:4
from sentry_sdk.consts import OP

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #4e875f425251632a Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/grpc/server.py:5
from sentry_sdk.integrations import DidNotEnable

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #c8e3243c2a67b938 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/grpc/server.py:6
from sentry_sdk.integrations.grpc.consts import SPAN_ORIGIN

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #c83ae4e9cf5ca5fb Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/grpc/server.py:7
from sentry_sdk.traces import SegmentSource

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #5c53487b2e1d8bb4 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/grpc/server.py:8
from sentry_sdk.tracing import TransactionSource

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #2d1fb060f12be755 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/grpc/server.py:9
from sentry_sdk.tracing_utils import has_span_streaming_enabled

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #d981c5ae2c7a301a Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/grpc/server.py:45
            with sentry_sdk.isolation_scope():

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #83d303715fb0097c Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/grpc/server.py:52
                        sentry_sdk.get_client().options

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #2a33f3dd8eef37eb Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/grpc/server.py:71
                        transaction = sentry_sdk.continue_trace(
                            metadata,
                            op=OP.GRPC_SERVER,
                            name=name,
                            source=TransactionSource.CUSTOM,
                            origin=SPAN_ORIGIN,
                        )

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #a1d5bc809df69254 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/grpc/server.py:79
                        with sentry_sdk.start_transaction(transaction=transaction):

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #97c777581a4bb8cb Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/httpx.py:3
import sentry_sdk

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #cf09caaf14d15082 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/httpx.py:4
from sentry_sdk.consts import OP, SPANDATA

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #6e781ea5e674107d Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/httpx.py:5
from sentry_sdk.integrations import DidNotEnable, Integration

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #f0462b3dbe4af122 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/httpx.py:6
from sentry_sdk.scope import should_send_default_pii

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #83d2361e745d2955 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/httpx.py:7
from sentry_sdk.tracing import BAGGAGE_HEADER_NAME

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #52aade9bb08382d4 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/httpx.py:8
from sentry_sdk.tracing_utils import (
    add_http_request_source,
    add_sentry_baggage_to_headers,
    has_span_streaming_enabled,
    should_propagate_trace,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #4460ca9a3d0df023 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/httpx.py:14
from sentry_sdk.utils import (
    SENSITIVE_DATA_SUBSTITUTE,
    capture_internal_exceptions,
    ensure_integration_enabled,
    logger,
    parse_url,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #415d8904aee10cac Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/httpx.py:25
    from sentry_sdk._types import Attributes

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #3caddb5f7b12189b Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/httpx.py:55
        client = sentry_sdk.get_client()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #5c65f0806577d0ff Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/httpx.py:89
                        sentry_sdk.get_current_scope().iter_trace_propagation_headers()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #78434b1c03bf8a11 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/httpx.py:113
            with sentry_sdk.start_span(
                op=OP.HTTP_CLIENT,
                name="%s %s"
                % (
                    request.method,
                    parsed_url.url if parsed_url else SENSITIVE_DATA_SUBSTITUTE,
                ),
                origin=HttpxIntegration.origin,
            ) as span:

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #6acde164d436b234 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/httpx.py:133
                        sentry_sdk.get_current_scope().iter_trace_propagation_headers()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #184632f176b6901a Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/httpx.py:163
        client = sentry_sdk.get_client()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #4849942d21aa4d54 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/httpx.py:199
                        sentry_sdk.get_current_scope().iter_trace_propagation_headers()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #14249ba54319644e Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/httpx.py:223
            with sentry_sdk.start_span(
                op=OP.HTTP_CLIENT,
                name="%s %s"
                % (
                    request.method,
                    parsed_url.url if parsed_url else SENSITIVE_DATA_SUBSTITUTE,
                ),
                origin=HttpxIntegration.origin,
            ) as span:

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #a9c5946970222efe Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/httpx.py:243
                        sentry_sdk.get_current_scope().iter_trace_propagation_headers()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #17a8ca8b659f786c Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/httpx2.py:3
import sentry_sdk

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #39d9ac31b9cdd7e0 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/httpx2.py:4
from sentry_sdk.consts import OP, SPANDATA

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #51fa19086b779131 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/httpx2.py:5
from sentry_sdk.integrations import DidNotEnable, Integration

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #c6621b332766d93a Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/httpx2.py:6
from sentry_sdk.scope import should_send_default_pii

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #6bf44cf171e984f7 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/httpx2.py:7
from sentry_sdk.tracing import BAGGAGE_HEADER_NAME

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #d26e825e7be33417 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/httpx2.py:8
from sentry_sdk.tracing_utils import (
    add_http_request_source,
    add_sentry_baggage_to_headers,
    has_span_streaming_enabled,
    should_propagate_trace,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #26c220310eda5b5e Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/httpx2.py:14
from sentry_sdk.utils import (
    SENSITIVE_DATA_SUBSTITUTE,
    capture_internal_exceptions,
    ensure_integration_enabled,
    logger,
    parse_url,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #4b4c9baace057dae Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/httpx2.py:25
    from sentry_sdk._types import Attributes

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #e313e470892c86a0 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/httpx2.py:55
        client = sentry_sdk.get_client()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #a80d2c666e7816c1 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/httpx2.py:89
                        sentry_sdk.get_current_scope().iter_trace_propagation_headers()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #b7132687d20a1658 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/httpx2.py:113
            with sentry_sdk.start_span(
                op=OP.HTTP_CLIENT,
                name="%s %s"
                % (
                    request.method,
                    parsed_url.url if parsed_url else SENSITIVE_DATA_SUBSTITUTE,
                ),
                origin=Httpx2Integration.origin,
            ) as span:

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #a3e2e178587d5efe Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/httpx2.py:133
                        sentry_sdk.get_current_scope().iter_trace_propagation_headers()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #13403d2a694c6a82 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/httpx2.py:163
        client = sentry_sdk.get_client()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #879a13c3ee573ede Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/httpx2.py:199
                        sentry_sdk.get_current_scope().iter_trace_propagation_headers()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #c447b083dcc30bc1 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/httpx2.py:223
            with sentry_sdk.start_span(
                op=OP.HTTP_CLIENT,
                name="%s %s"
                % (
                    request.method,
                    parsed_url.url if parsed_url else SENSITIVE_DATA_SUBSTITUTE,
                ),
                origin=Httpx2Integration.origin,
            ) as span:

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #46265fcfb8264c30 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/httpx2.py:243
                        sentry_sdk.get_current_scope().iter_trace_propagation_headers()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #908ebb8e357894af Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/huey.py:5
import sentry_sdk

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #0d967034bea85aa1 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/huey.py:6
from sentry_sdk.api import continue_trace, get_baggage, get_traceparent

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #ddc27622e58cc2f3 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/huey.py:7
from sentry_sdk.consts import OP, SPANDATA, SPANSTATUS

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #f9304a67e0b4c913 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/huey.py:8
from sentry_sdk.integrations import DidNotEnable, Integration

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #6175bb510ea0dac4 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/huey.py:9
from sentry_sdk.scope import should_send_default_pii

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #54c5f70f7218582f Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/huey.py:10
from sentry_sdk.traces import SegmentSource, SpanStatus, StreamedSpan

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #0ffb930362c2f69f Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/huey.py:11
from sentry_sdk.tracing import (
    BAGGAGE_HEADER_NAME,
    SENTRY_TRACE_HEADER_NAME,
    TransactionSource,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #4dffd9faa9539525 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/huey.py:16
from sentry_sdk.tracing_utils import has_span_streaming_enabled

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #2d4edc753984b58e Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/huey.py:17
from sentry_sdk.utils import (
    SENSITIVE_DATA_SUBSTITUTE,
    _register_control_flow_exception,
    capture_internal_exceptions,
    ensure_integration_enabled,
    event_from_exception,
    reraise,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #85fec1c22f4e536b Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/huey.py:29
    from sentry_sdk._types import Event, EventProcessor, Hint

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #830792c16c5232a8 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/huey.py:30
    from sentry_sdk.utils import ExcInfo

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #c687add6b035b0b6 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/huey.py:79
            sentry_sdk.get_client().options

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #b173cde3c4754331 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/huey.py:93
            span_ctx = sentry_sdk.start_span(
                op=OP.QUEUE_SUBMIT_HUEY,
                name=span_name,
                origin=HueyIntegration.origin,
            )

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #f62280294014f9b3 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/huey.py:149
    scope = sentry_sdk.get_current_scope()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #83e5599b346f5216 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/huey.py:151
        sentry_sdk.get_client().options

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #53cdf5af1ba88279 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/huey.py:168
        client_options=sentry_sdk.get_client().options,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #ce3199c70f84d66f Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/huey.py:196
        with sentry_sdk.isolation_scope() as scope:

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #e0b00bb2a2a52dcc Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/huey.py:204
                sentry_sdk.get_client().options

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #4efe8f933a549172 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/huey.py:233
                span_ctx = sentry_sdk.start_transaction(transaction)

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #57971a5875dc545f Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/huggingface_hub.py:6
import sentry_sdk

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #e65d18e23e698db5 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/huggingface_hub.py:7
from sentry_sdk.ai.monitoring import record_token_usage

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #35ce2ae2ce4d08fc Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/huggingface_hub.py:8
from sentry_sdk.ai.utils import (
    _set_span_data_attribute,
    get_start_span_function,
    set_data_normalized,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #c12cc1bca3c49338 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/huggingface_hub.py:13
from sentry_sdk.consts import OP, SPANDATA

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #c49f35d15172bbf9 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/huggingface_hub.py:14
from sentry_sdk.integrations import DidNotEnable, Integration

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #d8e63b47cc48e470 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/huggingface_hub.py:15
from sentry_sdk.scope import should_send_default_pii

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #af45eb2a15aacb5e Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/huggingface_hub.py:16
from sentry_sdk.traces import StreamedSpan

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #b072bc4bede120de Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/huggingface_hub.py:17
from sentry_sdk.tracing_utils import has_span_streaming_enabled

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #1485f8c2c832c0b4 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/huggingface_hub.py:18
from sentry_sdk.utils import (
    capture_internal_exceptions,
    event_from_exception,
    reraise,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #bcec590f8816180b Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/huggingface_hub.py:27
    from sentry_sdk.tracing import Span

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #f147024b30e32e37 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/huggingface_hub.py:64
        client_options=sentry_sdk.get_client().options,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #e63cb15506eaac18 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/huggingface_hub.py:67
    sentry_sdk.capture_event(event, hint=hint)

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #e350394780925e4b Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/huggingface_hub.py:73
        integration = sentry_sdk.get_client().get_integration(HuggingfaceHubIntegration)

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #a1fa0d77f119e075 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/huggingface_hub.py:95
        if has_span_streaming_enabled(sentry_sdk.get_client().options):

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #7938a008f5e6f075 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/langchain.py:9
import sentry_sdk

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #04e4b5ebfcd834a6 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/langchain.py:10
from sentry_sdk.ai.utils import (
    GEN_AI_ALLOWED_MESSAGE_ROLES,
    get_start_span_function,
    normalize_message_roles,
    set_data_normalized,
    transform_content_part,
    truncate_and_annotate_messages,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #e9491bedd7c6b41d Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/langchain.py:18
from sentry_sdk.consts import OP, SPANDATA

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #74971ceb98ab0629 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/langchain.py:19
from sentry_sdk.integrations import DidNotEnable, Integration

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #d924c02d80d8b226 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/langchain.py:20
from sentry_sdk.scope import should_send_default_pii

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #f2f47dfb81feced6 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/langchain.py:21
from sentry_sdk.traces import StreamedSpan

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #094ffeccd2eb11d6 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/langchain.py:22
from sentry_sdk.tracing_utils import (
    _get_value,
    has_span_streaming_enabled,
    should_truncate_gen_ai_input,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #cbe1f801e40caaac Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/langchain.py:27
from sentry_sdk.utils import capture_internal_exceptions, logger

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #1e4e5a8923bf3484 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/langchain.py:42
    from sentry_sdk._types import TextPart

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #debcce029a5373dd Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/langchain.py:43
    from sentry_sdk.tracing import Span

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #ec2d6608708f7815 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/langchain.py:278
                sentry_sdk.capture_exception(
                    error, span._scope if isinstance(span, StreamedSpan) else span.scope
                )

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #acaa454837483e31 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/langchain.py:320
            span_streaming = has_span_streaming_enabled(sentry_sdk.get_client().options)

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #b21f0ff084487674 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/langchain.py:330
                else sentry_sdk.start_span(op=op, name=name, origin=origin)

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #67e49cb06cf84d80 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/langchain.py:413
                client = sentry_sdk.get_client()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #19e4a20a78abe085 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/langchain.py:414
                scope = sentry_sdk.get_current_scope()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #247cdf2faaf5dac1 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/langchain.py:506
                client = sentry_sdk.get_client()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #9e89a704c2e109c2 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/langchain.py:507
                scope = sentry_sdk.get_current_scope()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #b1ddb3acc2234636 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/langchain.py:941
        integration = sentry_sdk.get_client().get_integration(LangchainIntegration)

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #85514b614dd53ad7 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/langchain.py:1015
        client = sentry_sdk.get_client()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #00631333a2efebfa Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/langchain.py:1048
                    client = sentry_sdk.get_client()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #a219c3e4c98bcdad Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/langchain.py:1049
                    scope = sentry_sdk.get_current_scope()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #e636957c61b83549 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/langchain.py:1099
                    client = sentry_sdk.get_client()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #95a8a66805b9cf52 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/langchain.py:1100
                    scope = sentry_sdk.get_current_scope()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #a1b62780960e0a87 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/langchain.py:1130
        client = sentry_sdk.get_client()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #11fe185202b4f4ae Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/langchain.py:1176
            client = sentry_sdk.get_client()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #e2562ff9905605da Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/langchain.py:1177
            scope = sentry_sdk.get_current_scope()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #97293a0a695d4b71 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/langchain.py:1282
        client = sentry_sdk.get_client()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #795cad520f5bba69 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/langchain.py:1317
            with sentry_sdk.start_span(
                op=OP.GEN_AI_EMBEDDINGS,
                name=f"embeddings {model_name}" if model_name else "embeddings",
                origin=LangchainIntegration.origin,
            ) as span:

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #edd8a134c506d97a Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/langchain.py:1352
        client = sentry_sdk.get_client()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #7e38048daf4e8e1b Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/langchain.py:1387
            with sentry_sdk.start_span(
                op=OP.GEN_AI_EMBEDDINGS,
                name=f"embeddings {model_name}" if model_name else "embeddings",
                origin=LangchainIntegration.origin,
            ) as span:

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #71a94caf1e9f7704 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/langgraph.py:4
import sentry_sdk

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #303fc834142506ab Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/langgraph.py:5
from sentry_sdk.ai.utils import (
    get_start_span_function,
    normalize_message_roles,
    set_data_normalized,
    truncate_and_annotate_messages,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #279607876d9b6d65 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/langgraph.py:11
from sentry_sdk.consts import OP, SPANDATA

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #5516d002cc93cb76 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/langgraph.py:12
from sentry_sdk.integrations import DidNotEnable, Integration

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #f035d8bdae95e471 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/langgraph.py:15
from sentry_sdk.integrations.langchain import LangchainIntegration

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #16a1d7cf532a637c Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/langgraph.py:16
from sentry_sdk.scope import should_send_default_pii

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #90be873edf6dd1ad Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/langgraph.py:17
from sentry_sdk.traces import StreamedSpan

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #0c54016cd32df676 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/langgraph.py:18
from sentry_sdk.tracing_utils import (
    has_span_streaming_enabled,
    should_truncate_gen_ai_input,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #5ea77883868b498c Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/langgraph.py:22
from sentry_sdk.utils import safe_serialize

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #b40b63be861f28dd Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/langgraph.py:120
        client = sentry_sdk.get_client()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #01cc3f2bda368462 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/langgraph.py:125
        with sentry_sdk.start_span(
            op=OP.GEN_AI_CREATE_AGENT,
            origin=LanggraphIntegration.origin,
        ) as span:

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #1906b8795f76bb91 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/langgraph.py:166
        client = sentry_sdk.get_client()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #53e337b841f9f04b Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/langgraph.py:202
                        client = sentry_sdk.get_client()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #7c66db53432c6ab2 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/langgraph.py:203
                        scope = sentry_sdk.get_current_scope()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #6f8420220487a420 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/langgraph.py:249
                        client = sentry_sdk.get_client()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #a8e4f95d72b59225 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/langgraph.py:250
                        scope = sentry_sdk.get_current_scope()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #716fa31ee3b360c5 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/langgraph.py:278
        client = sentry_sdk.get_client()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #243dbcc0e3ce4212 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/langgraph.py:313
                        client = sentry_sdk.get_client()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #dcf2d0977abea5a8 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/langgraph.py:314
                        scope = sentry_sdk.get_current_scope()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #40769b436c956652 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/langgraph.py:357
                    client = sentry_sdk.get_client()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #8c6cd6e5d7a7c68c Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/langgraph.py:358
                    scope = sentry_sdk.get_current_scope()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #cf6d7b9274cce512 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/launchdarkly.py:3
from sentry_sdk.feature_flags import add_feature_flag

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #187d8add778ac5df Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/launchdarkly.py:4
from sentry_sdk.integrations import DidNotEnable, Integration

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #a55bf3ef7470bbfb Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/litellm.py:4
import sentry_sdk

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #32a6c9b8109bcdaa Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/litellm.py:5
from sentry_sdk import consts

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #dcf4f64da6e38b51 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/litellm.py:6
from sentry_sdk.ai.monitoring import record_token_usage

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #e6186c34bc99a3de Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/litellm.py:7
from sentry_sdk.ai.utils import (
    get_start_span_function,
    set_data_normalized,
    transform_openai_content_part,
    truncate_and_annotate_embedding_inputs,
    truncate_and_annotate_messages,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #a86bcf52eff07aa5 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/litellm.py:14
from sentry_sdk.consts import SPANDATA

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #aeb0b363b06d9a98 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/litellm.py:15
from sentry_sdk.integrations import DidNotEnable, Integration

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #1c269a89a8a7bb12 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/litellm.py:16
from sentry_sdk.scope import should_send_default_pii

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #6bce0c88773cf0b0 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/litellm.py:17
from sentry_sdk.tracing_utils import (
    has_span_streaming_enabled,
    should_truncate_gen_ai_input,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #6cf492f2b776a263 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/litellm.py:21
from sentry_sdk.utils import event_from_exception

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #3f0a11f5b70d56a0 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/litellm.py:80
    client = sentry_sdk.get_client()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #e4a5b7449b46b430 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/litellm.py:137
                scope = sentry_sdk.get_current_scope()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #c62823f251644bbd Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/litellm.py:144
                client = sentry_sdk.get_client()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #fe6dc51154360156 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/litellm.py:161
                client = sentry_sdk.get_client()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #cbaddf26b6866b4d Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/litellm.py:162
                scope = sentry_sdk.get_current_scope()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #15956264573a2d44 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/litellm.py:209
    integration = sentry_sdk.get_client().get_integration(LiteLLMIntegration)

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #03ba3887d06d7750 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/litellm.py:299
            client_options=sentry_sdk.get_client().options,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #2361f7d30bbfe1f3 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/litellm.py:302
        sentry_sdk.capture_event(event, hint=hint)

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #fdb60fc14a32fb66 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/litestar.py:4
import sentry_sdk

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #7dafc0adb752c11a Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/litestar.py:5
from sentry_sdk.consts import OP, SPANDATA

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #7897cff218594ace Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/litestar.py:6
from sentry_sdk.integrations import (
    _DEFAULT_FAILED_REQUEST_STATUS_CODES,
    DidNotEnable,
    Integration,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #13bbce12af3730d3 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/litestar.py:11
from sentry_sdk.integrations.asgi import SentryAsgiMiddleware

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #29c0bb3cae491d6e Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/litestar.py:12
from sentry_sdk.integrations.logging import ignore_logger

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #27701bf8fc5c0740 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/litestar.py:13
from sentry_sdk.scope import should_send_default_pii

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #9116991a11046b23 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/litestar.py:14
from sentry_sdk.tracing import SOURCE_FOR_STYLE, TransactionSource

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #c4c67d9c6e5b056c Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/litestar.py:15
from sentry_sdk.tracing_utils import has_span_streaming_enabled

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #99671eb359f2eaa6 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/litestar.py:16
from sentry_sdk.utils import (
    ensure_integration_enabled,
    event_from_exception,
    transaction_from_function,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #cfa5bf3501ee8821 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/litestar.py:52
    from sentry_sdk._types import Event, Hint

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #d41cfd01e2edc91c Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/litestar.py:161
        client = sentry_sdk.get_client()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #5a9d4a79200b46e1 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/litestar.py:216
            with sentry_sdk.start_span(
                op=OP.MIDDLEWARE_LITESTAR,
                name=middleware_name,
                origin=LitestarIntegration.origin,
            ) as middleware_span:

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #4547cdc3cb2df8d9 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/litestar.py:229
                    with sentry_sdk.start_span(
                        op=OP.MIDDLEWARE_LITESTAR_RECEIVE,
                        name=getattr(receive, "__qualname__", str(receive)),
                        origin=LitestarIntegration.origin,
                    ) as span:

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #9ac977511b82ebca Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/litestar.py:245
                    with sentry_sdk.start_span(
                        op=OP.MIDDLEWARE_LITESTAR_SEND,
                        name=getattr(send, "__qualname__", str(send)),
                        origin=LitestarIntegration.origin,
                    ) as span:

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #a68f375fc85b28e3 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/litestar.py:276
        if sentry_sdk.get_client().get_integration(LitestarIntegration) is None:

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #ed35a41f71e6a2cb Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/litestar.py:279
        sentry_scope = sentry_sdk.get_isolation_scope()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #16842fb52cd5598a Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/litestar.py:309
        sentry_sdk.set_transaction_name(name, source)

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #f95f415bbd4ce963 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/litestar.py:347
        sentry_scope = sentry_sdk.get_isolation_scope()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #79d6dd2d5df935c4 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/litestar.py:351
        integration = sentry_sdk.get_client().get_integration(LitestarIntegration)

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #234938c4e04629a2 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/litestar.py:360
        client_options=sentry_sdk.get_client().options,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #a7dd94be0fd67d1f Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/litestar.py:364
    sentry_sdk.capture_event(event, hint=hint)

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #1f3660e3864c5d68 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/logging.py:7
import sentry_sdk

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #f9497975e9f17936 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/logging.py:8
from sentry_sdk.client import BaseClient

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #a8ff5287328dbff5 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/logging.py:9
from sentry_sdk.integrations import Integration

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #9b10a23e0f62fc1a Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/logging.py:10
from sentry_sdk.logger import _log_level_to_otel

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #e957decba52f279f Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/logging.py:11
from sentry_sdk.utils import (
    capture_internal_exceptions,
    current_stacktrace,
    event_from_exception,
    has_logs_enabled,
    safe_repr,
    to_string,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #0910ce0c8731ed95 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/logging.py:183
                    integration = sentry_sdk.get_client().get_integration(

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #bd3ffb8dbdde8ec1 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/logging.py:263
        client = sentry_sdk.get_client()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #673f3649b265d82f Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/logging.py:332
        sentry_sdk.capture_event(event, hint=hint)

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #db135ec6764ed65d Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/logging.py:362
        sentry_sdk.add_breadcrumb(
            self._breadcrumb_from_record(record), hint={"log_record": record}
        )

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #889f87c7c4cc3bda Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/logging.py:397
            client = sentry_sdk.get_client()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #ab3ff8034b283130 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/logging.py:466
        sentry_sdk.get_current_scope()._capture_log(

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #212ff8ebefa46a68 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/loguru.py:4
import sentry_sdk

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #4ccea8d2d0397c92 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/loguru.py:5
from sentry_sdk.integrations import DidNotEnable, Integration

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #28052d97b181b21e Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/loguru.py:6
from sentry_sdk.integrations.logging import (
    BreadcrumbHandler,
    EventHandler,
    _BaseHandler,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #9741d0e25c5653e5 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/loguru.py:11
from sentry_sdk.logger import _log_level_to_otel

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #f9ceef199c71bb8b Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/loguru.py:12
from sentry_sdk.utils import has_logs_enabled, safe_repr

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #02ff5f0d896094a6 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/loguru.py:144
    client = sentry_sdk.get_client()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #22b17bf65df74d43 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/loguru.py:198
    sentry_sdk.get_current_scope()._capture_log(

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #49da56cb9ca97670 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/mcp.py:14
import sentry_sdk

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #acf484bfb83f7264 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/mcp.py:15
from sentry_sdk.ai.utils import _set_span_data_attribute, get_start_span_function

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #07345507174ae46c Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/mcp.py:16
from sentry_sdk.consts import OP, SPANDATA

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #d8fd204d81e07ee9 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/mcp.py:17
from sentry_sdk.integrations import DidNotEnable, Integration

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #b3250e401e851b8e Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/mcp.py:18
from sentry_sdk.integrations._wsgi_common import nullcontext

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #84f71292d9b20556 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/mcp.py:19
from sentry_sdk.scope import should_send_default_pii

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #3690ab215c2dbabe Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/mcp.py:20
from sentry_sdk.traces import StreamedSpan

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #c713c034fb19a42e Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/mcp.py:21
from sentry_sdk.tracing_utils import has_span_streaming_enabled

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #b03373972fffe21d Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/mcp.py:22
from sentry_sdk.utils import package_version, safe_serialize

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #0b0d22495d1df88f Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/mcp.py:60
    from sentry_sdk.traces import StreamedSpan

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #5782ceae396168c7 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/mcp.py:61
    from sentry_sdk.tracing import Span

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #1dbc3bc7129af983 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/mcp.py:282
    integration = sentry_sdk.get_client().get_integration(MCPIntegration)

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #e144e19c8316d490 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/mcp.py:566
    span_streaming = has_span_streaming_enabled(sentry_sdk.get_client().options)

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #69bae043f55ba705 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/mcp.py:638
                    sentry_sdk.capture_exception(e)

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #5861fac58c73e490 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/mcp.py:826
        scope.setdefault("state", {})["sentry_sdk.isolation_scope"] = (
            sentry_sdk.get_isolation_scope()
        )

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #4bb8b579aa6167a6 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/mcp.py:829
        scope["state"]["sentry_sdk.current_scope"] = sentry_sdk.get_current_scope()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #07a19318e52dd5d7 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/modules.py:3
import sentry_sdk

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #003ee0d26cf4692e Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/modules.py:4
from sentry_sdk.integrations import Integration

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #b2c51bd53cf123ea Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/modules.py:5
from sentry_sdk.scope import add_global_event_processor

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #1295286f6c54e810 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/modules.py:6
from sentry_sdk.utils import _get_installed_modules

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #81113a16f72b1b47 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/modules.py:11
    from sentry_sdk._types import Event

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #781108ceb3f7869f Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/modules.py:24
            if sentry_sdk.get_client().get_integration(ModulesIntegration) is None:

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #aef44a349bd6e862 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/openai.py:8
import sentry_sdk

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #7c36e7850f94b378 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/openai.py:9
from sentry_sdk import consts

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #a1abffc0fc923d09 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/openai.py:10
from sentry_sdk.ai._openai_completions_api import (
    _get_system_instructions as _get_system_instructions_completions,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #536ca9b80eb1caff Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/openai.py:13
from sentry_sdk.ai._openai_completions_api import (
    _get_text_items,
    _transform_system_instructions,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #32d2a58877b0f086 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/openai.py:17
from sentry_sdk.ai._openai_completions_api import (
    _is_system_instruction as _is_system_instruction_completions,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #d13d09cc36f5ec3f Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/openai.py:20
from sentry_sdk.ai._openai_responses_api import (
    _get_system_instructions as _get_system_instructions_responses,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #b84933f5208dfbce Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/openai.py:23
from sentry_sdk.ai._openai_responses_api import (
    _is_system_instruction as _is_system_instruction_responses,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #e5602d100dbdb545 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/openai.py:26
from sentry_sdk.ai.monitoring import record_token_usage

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #8aef09fb94c2f77e Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/openai.py:27
from sentry_sdk.ai.utils import (
    get_start_span_function,
    normalize_message_roles,
    set_data_normalized,
    truncate_and_annotate_embedding_inputs,
    truncate_and_annotate_messages,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #3d8be270de479a49 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/openai.py:34
from sentry_sdk.consts import SPANDATA

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #ec89206ab10dafcf Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/openai.py:35
from sentry_sdk.integrations import DidNotEnable, Integration

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #da7a0ed039aa8002 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/openai.py:36
from sentry_sdk.scope import should_send_default_pii

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #6b790f8512ccb686 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/openai.py:37
from sentry_sdk.traces import StreamedSpan

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #f915cd11e5bb9605 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/openai.py:38
from sentry_sdk.tracing_utils import (
    has_span_streaming_enabled,
    should_truncate_gen_ai_input,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #12c5da3071821918 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/openai.py:42
from sentry_sdk.utils import (
    capture_internal_exceptions,
    event_from_exception,
    reraise,
    safe_serialize,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #66a7268042692190 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/openai.py:70
    from sentry_sdk._types import TextPart

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #c91837934b2fd6a5 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/openai.py:71
    from sentry_sdk.tracing import Span

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #06708be210ba7d41 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/openai.py:148
        client_options=sentry_sdk.get_client().options,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #b7ff62d8e0640adf Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/openai.py:151
    sentry_sdk.capture_event(event, hint=hint)

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #e0618fc2e39d92c7 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/openai.py:415
        client = sentry_sdk.get_client()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #f64fbe6f7c35cbfb Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/openai.py:416
        scope = sentry_sdk.get_current_scope()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #ebce37a723987a05 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/openai.py:435
        client = sentry_sdk.get_client()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #23649b5fafe20f3c Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/openai.py:436
        scope = sentry_sdk.get_current_scope()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #e6a4c27f15352ac4 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/openai.py:502
        client = sentry_sdk.get_client()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #8584624c66dfa25f Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/openai.py:503
        scope = sentry_sdk.get_current_scope()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #005bf9fceae4f79c Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/openai.py:538
        client = sentry_sdk.get_client()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #4e6a8b59fb1f1025 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/openai.py:539
        scope = sentry_sdk.get_current_scope()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #7c22d0cbe16c9fdb Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/openai.py:582
        client = sentry_sdk.get_client()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #c146955471cb3289 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/openai.py:583
        scope = sentry_sdk.get_current_scope()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #8d5125510cf9ce21 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/openai.py:606
        client = sentry_sdk.get_client()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #ffa456e5a5cdab9a Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/openai.py:607
        scope = sentry_sdk.get_current_scope()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #c22a524e7053248a Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/openai.py:711
    client = sentry_sdk.get_client()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #8d9316c2ff42098c Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/openai.py:792
    client = sentry_sdk.get_client()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #627e8b1b063c38d4 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/openai.py:1198
        integration = sentry_sdk.get_client().get_integration(OpenAIIntegration)

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #626a36d3d80fae77 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/openai.py:1211
        integration = sentry_sdk.get_client().get_integration(OpenAIIntegration)

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #93eb50f8b37e6a75 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/openai.py:1222
    client = sentry_sdk.get_client()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #b9fa0bc31cf53504 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/openai.py:1280
    client = sentry_sdk.get_client()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #ec642cd2e5a0c369 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/openai.py:1338
        integration = sentry_sdk.get_client().get_integration(OpenAIIntegration)

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #3682604e3a0546cc Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/openai.py:1350
        integration = sentry_sdk.get_client().get_integration(OpenAIIntegration)

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #58201ecd4c2f199f Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/openai.py:1360
    client = sentry_sdk.get_client()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #85aebb4ca512157a Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/openai.py:1430
    client = sentry_sdk.get_client()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #f5118b2488264617 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/openai.py:1501
        integration = sentry_sdk.get_client().get_integration(OpenAIIntegration)

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #339b6f66d46f9803 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/openai.py:1513
        integration = sentry_sdk.get_client().get_integration(OpenAIIntegration)

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #a8c6bad3e5ae76b0 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/openai_agents/__init__.py:3
from sentry_sdk.integrations import DidNotEnable, Integration

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #edf56e19a5f75341 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/openai_agents/__init__.py:4
from sentry_sdk.utils import parse_version

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #ab5874c50abb947d Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/openai_agents/patches/agent_run.py:4
from sentry_sdk.consts import SPANDATA

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #c45094e3f9de654e Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/openai_agents/patches/agent_run.py:5
from sentry_sdk.integrations import DidNotEnable

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #24b23868b7515e87 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/openai_agents/patches/agent_run.py:6
from sentry_sdk.traces import StreamedSpan

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #73869ea0eb53d6bd Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/openai_agents/patches/agent_run.py:7
from sentry_sdk.utils import capture_internal_exceptions, reraise

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #1ca99906b748c257 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/openai_agents/patches/agent_run.py:20
    from sentry_sdk.tracing import Span

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #da427aaf877842f6 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/openai_agents/patches/error_tracing.py:4
import sentry_sdk

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #f435221a4f0f4867 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/openai_agents/patches/error_tracing.py:5
from sentry_sdk.consts import SPANSTATUS

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #4af7f50b91762b6c Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/openai_agents/patches/error_tracing.py:6
from sentry_sdk.traces import SpanStatus

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #5ca65880770f3899 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/openai_agents/patches/error_tracing.py:7
from sentry_sdk.tracing_utils import has_span_streaming_enabled

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #cf4ddd398ed1c6b9 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/openai_agents/patches/error_tracing.py:59
        span_streaming = has_span_streaming_enabled(sentry_sdk.get_client().options)

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #1f9c36db59a6e61b Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/openai_agents/patches/error_tracing.py:61
            current_span = sentry_sdk.get_current_scope().streamed_span

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #d0bb05bcd76a0f43 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/openai_agents/patches/error_tracing.py:65
            current_span = sentry_sdk.get_current_span()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #c76270d53e22c845 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/openai_agents/patches/models.py:6
import sentry_sdk

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #02fe3637786649e9 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/openai_agents/patches/models.py:7
from sentry_sdk.consts import SPANDATA

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #1aa0e332b81ea3ef Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/openai_agents/patches/models.py:8
from sentry_sdk.integrations import DidNotEnable

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #38aa759dc88fccf4 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/openai_agents/patches/models.py:9
from sentry_sdk.traces import StreamedSpan

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #b11788f76a32a47c Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/openai_agents/patches/models.py:10
from sentry_sdk.tracing import BAGGAGE_HEADER_NAME

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #391efc7c7264896a Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/openai_agents/patches/models.py:11
from sentry_sdk.tracing_utils import (
    add_sentry_baggage_to_headers,
    should_propagate_trace,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #214b70e722e0f70b Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/openai_agents/patches/models.py:15
from sentry_sdk.utils import logger

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #87908dc7b2285de9 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/openai_agents/patches/models.py:22
    from sentry_sdk.tracing import Span

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #6c363896c8cb617f Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/openai_agents/patches/models.py:56
    if should_propagate_trace(sentry_sdk.get_client(), mcp_url):

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #f0e2bcbd8b1fcf20 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/openai_agents/patches/models.py:60
        ) in sentry_sdk.get_current_scope().iter_trace_propagation_headers(span=span):

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #50d803943a0aaead Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/openai_agents/patches/runner.py:4
import sentry_sdk

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #b18ae72b3a3068cb Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/openai_agents/patches/runner.py:5
from sentry_sdk.consts import SPANDATA

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #59b3ea6e2e6cafde Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/openai_agents/patches/runner.py:6
from sentry_sdk.integrations import DidNotEnable

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #09f93b480cb5a8ba Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/openai_agents/patches/runner.py:7
from sentry_sdk.traces import StreamedSpan

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #1a02768b42cdc91c Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/openai_agents/patches/runner.py:8
from sentry_sdk.utils import capture_internal_exceptions, reraise

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #abf2d437ffeaf17a Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/openai_agents/patches/runner.py:38
        with sentry_sdk.isolation_scope():

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #94f4899945cdaf36 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/openai_agents/patches/tools.py:4
from sentry_sdk.integrations import DidNotEnable

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #51be1a163ffc48f9 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/openai_agents/spans/agent_workflow.py:3
import sentry_sdk

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #66390b02428f38b9 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/openai_agents/spans/agent_workflow.py:4
from sentry_sdk.ai.utils import get_start_span_function

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #3d134f2d8ffbf976 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/openai_agents/spans/agent_workflow.py:5
from sentry_sdk.tracing_utils import has_span_streaming_enabled

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #763a215f8d20f0ca Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/openai_agents/spans/agent_workflow.py:19
    span_streaming = has_span_streaming_enabled(sentry_sdk.get_client().options)

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #9bff2ac6a11e22ad Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/openai_agents/spans/ai_client.py:3
import sentry_sdk

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #f9140b123ce22a45 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/openai_agents/spans/ai_client.py:4
from sentry_sdk.consts import OP, SPANDATA

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #a841a7b0f536a972 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/openai_agents/spans/ai_client.py:5
from sentry_sdk.traces import StreamedSpan

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #633b39bd0b061f29 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/openai_agents/spans/ai_client.py:6
from sentry_sdk.tracing_utils import has_span_streaming_enabled

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #bd7e4bb3a65e1627 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/openai_agents/spans/ai_client.py:33
    span_streaming = has_span_streaming_enabled(sentry_sdk.get_client().options)

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #0218063a7a66be38 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/openai_agents/spans/ai_client.py:44
        span = sentry_sdk.start_span(
            op=OP.GEN_AI_CHAT,
            name=f"chat {model_name}",
            origin=SPAN_ORIGIN,
        )

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #2a20a4809ac77d5b Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/openai_agents/spans/execute_tool.py:3
import sentry_sdk

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #a77a15dd0e312698 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/openai_agents/spans/execute_tool.py:4
from sentry_sdk.consts import OP, SPANDATA, SPANSTATUS

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #ffa1e28e447d0940 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/openai_agents/spans/execute_tool.py:5
from sentry_sdk.scope import should_send_default_pii

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #447a6334044d9f3e Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/openai_agents/spans/execute_tool.py:6
from sentry_sdk.traces import SpanStatus, StreamedSpan

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #f5d01023b8e4ccd9 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/openai_agents/spans/execute_tool.py:7
from sentry_sdk.tracing_utils import has_span_streaming_enabled

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #74d165d4b59372f5 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/openai_agents/spans/execute_tool.py:21
    span_streaming = has_span_streaming_enabled(sentry_sdk.get_client().options)

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #4abb5354edb30f00 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/openai_agents/spans/execute_tool.py:36
        span = sentry_sdk.start_span(
            op=OP.GEN_AI_EXECUTE_TOOL,
            name=f"execute_tool {tool.name}",
            origin=SPAN_ORIGIN,
        )

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #c8868dc7bb121dc7 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/openai_agents/spans/handoff.py:3
import sentry_sdk

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #0d8120c239afbf2d Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/openai_agents/spans/handoff.py:4
from sentry_sdk.consts import OP, SPANDATA

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #5a2a7a761de940bf Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/openai_agents/spans/handoff.py:5
from sentry_sdk.tracing_utils import has_span_streaming_enabled

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #2419366bf2255e8a Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/openai_agents/spans/handoff.py:16
    span_streaming = has_span_streaming_enabled(sentry_sdk.get_client().options)

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #fa3c5d6448e713f0 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/openai_agents/spans/handoff.py:31
        with sentry_sdk.start_span(
            op=OP.GEN_AI_HANDOFF,
            name=f"handoff from {from_agent.name} to {to_agent_name}",
            origin=SPAN_ORIGIN,
        ) as span:

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #48d007520a8d3902 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/openai_agents/spans/invoke_agent.py:3
import sentry_sdk

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #57b3cbd178daebe0 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/openai_agents/spans/invoke_agent.py:4
from sentry_sdk.ai.utils import (
    get_start_span_function,
    normalize_message_roles,
    set_data_normalized,
    truncate_and_annotate_messages,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #bbba6565d2f14ff0 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/openai_agents/spans/invoke_agent.py:10
from sentry_sdk.consts import OP, SPANDATA

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #52648b42ef660ae6 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/openai_agents/spans/invoke_agent.py:11
from sentry_sdk.scope import should_send_default_pii

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #10666caab6c09e4b Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/openai_agents/spans/invoke_agent.py:12
from sentry_sdk.traces import StreamedSpan

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #76786fa8f621b2fd Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/openai_agents/spans/invoke_agent.py:13
from sentry_sdk.tracing_utils import (
    has_span_streaming_enabled,
    should_truncate_gen_ai_input,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #ff80e19b14ddcbc5 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/openai_agents/spans/invoke_agent.py:17
from sentry_sdk.utils import safe_serialize

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #33a24f53e35ddb69 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/openai_agents/spans/invoke_agent.py:31
    span_streaming = has_span_streaming_enabled(sentry_sdk.get_client().options)

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #d3d9dfa64ecd3c57 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/openai_agents/spans/invoke_agent.py:83
            client = sentry_sdk.get_client()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #086ef3ac6413663c Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/openai_agents/spans/invoke_agent.py:84
            scope = sentry_sdk.get_current_scope()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #ebe82fc753edffec Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/openai_agents/utils.py:4
import sentry_sdk

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #bc6800dbd9801081 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/openai_agents/utils.py:5
from sentry_sdk.ai._openai_completions_api import _transform_system_instructions

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #89416fd3d2ecd351 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/openai_agents/utils.py:6
from sentry_sdk.ai._openai_responses_api import (
    _get_system_instructions,
    _is_system_instruction,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #392f71a56b855706 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/openai_agents/utils.py:10
from sentry_sdk.ai.utils import (
    GEN_AI_ALLOWED_MESSAGE_ROLES,
    normalize_message_role,
    normalize_message_roles,
    set_data_normalized,
    truncate_and_annotate_messages,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #bea83ee262ad700a Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/openai_agents/utils.py:17
from sentry_sdk.consts import SPANDATA

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #f62ae90caca2e2df Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/openai_agents/utils.py:18
from sentry_sdk.integrations import DidNotEnable

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #463e3a58ede47400 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/openai_agents/utils.py:19
from sentry_sdk.scope import should_send_default_pii

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #efca4af148313e7e Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/openai_agents/utils.py:20
from sentry_sdk.traces import StreamedSpan

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #9b2f9fd88b84406f Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/openai_agents/utils.py:21
from sentry_sdk.tracing_utils import should_truncate_gen_ai_input

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #b9413061abb39c9b Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/openai_agents/utils.py:22
from sentry_sdk.utils import event_from_exception, safe_serialize

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #e28812af113f64bf Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/openai_agents/utils.py:29
    from sentry_sdk._types import TextPart

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #bb07237be9f8ad39 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/openai_agents/utils.py:41
        client_options=sentry_sdk.get_client().options,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #c5194670b1e16a0e Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/openai_agents/utils.py:44
    sentry_sdk.capture_event(event, hint=hint)

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #87b7e6309699ba8d Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/openai_agents/utils.py:191
    client = sentry_sdk.get_client()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #342f0582533d36a9 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/openai_agents/utils.py:192
    scope = sentry_sdk.get_current_scope()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #744e17ab29bf46a1 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/openfeature.py:3
from sentry_sdk.feature_flags import add_feature_flag

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #dd60d44d97367d89 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/openfeature.py:4
from sentry_sdk.integrations import DidNotEnable, Integration

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #43190a72688570a0 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/opentelemetry/__init__.py:1
from sentry_sdk.integrations.opentelemetry.propagator import SentryPropagator

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #b605764c466bcb8c Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/opentelemetry/__init__.py:2
from sentry_sdk.integrations.opentelemetry.span_processor import SentrySpanProcessor

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #4ca9ebc1ccb35f4a Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/opentelemetry/consts.py:1
from sentry_sdk.integrations import DidNotEnable

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #af11ad59cfdbcede Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/opentelemetry/consts.py:4
    from opentelemetry.context import create_key

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #af6702ba516cc53d Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/opentelemetry/integration.py:10
from sentry_sdk.integrations import DidNotEnable, Integration

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #8f24c682e74f7361 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/opentelemetry/integration.py:11
from sentry_sdk.integrations.opentelemetry.propagator import SentryPropagator

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #6e3e5dd75eb0d593 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/opentelemetry/integration.py:12
from sentry_sdk.integrations.opentelemetry.span_processor import SentrySpanProcessor

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #ee77ef9a233fa5d2 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/opentelemetry/integration.py:13
from sentry_sdk.tracing_utils import has_span_streaming_enabled

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #c23ff9e723d395d9 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/opentelemetry/integration.py:14
from sentry_sdk.utils import logger

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #974025939e560d2b Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/opentelemetry/integration.py:20
    from opentelemetry import trace

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #261d0fcffae110ad Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/opentelemetry/integration.py:21
    from opentelemetry.propagate import set_global_textmap

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #aee2ab16cb403112 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/opentelemetry/integration.py:22
    from opentelemetry.sdk.trace import TracerProvider

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #9ad8958c3086d40d Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/opentelemetry/integration.py:27
    from opentelemetry.instrumentation.django import (  # type: ignore[import-not-found]
        DjangoInstrumentor,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #14bf0302318beeb6 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/opentelemetry/propagator.py:1
from sentry_sdk.integrations import DidNotEnable

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #933c7ab2e916c294 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/opentelemetry/propagator.py:2
from sentry_sdk.integrations.opentelemetry.consts import (
    SENTRY_BAGGAGE_KEY,
    SENTRY_TRACE_KEY,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #c609b6db91e8a734 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/opentelemetry/propagator.py:6
from sentry_sdk.integrations.opentelemetry.span_processor import (
    SentrySpanProcessor,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #1d7d7a646de31101 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/opentelemetry/propagator.py:9
from sentry_sdk.tracing import (
    BAGGAGE_HEADER_NAME,
    SENTRY_TRACE_HEADER_NAME,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #79266e71c5dea83d Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/opentelemetry/propagator.py:13
from sentry_sdk.tracing_utils import Baggage, extract_sentrytrace_data

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #70c42ff7d62dc11e Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/opentelemetry/propagator.py:16
    from opentelemetry import trace

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #a9cf868a88573ca2 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/opentelemetry/propagator.py:17
    from opentelemetry.context import (
        Context,
        get_current,
        set_value,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #aaa1527fd7b31ce6 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/opentelemetry/propagator.py:22
    from opentelemetry.propagators.textmap import (
        CarrierT,
        Getter,
        Setter,
        TextMapPropagator,
        default_getter,
        default_setter,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #47cdda8ba4218ce9 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/opentelemetry/propagator.py:30
    from opentelemetry.trace import (
        NonRecordingSpan,
        SpanContext,
        TraceFlags,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #3cde7c2c596bf146 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/opentelemetry/span_processor.py:7
from sentry_sdk import get_client, start_transaction

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #dc2b89b5bddd1e42 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/opentelemetry/span_processor.py:8
from sentry_sdk.consts import INSTRUMENTER, SPANSTATUS

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #0628d81fe5194402 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/opentelemetry/span_processor.py:9
from sentry_sdk.integrations import DidNotEnable

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #733742b43ef93430 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/opentelemetry/span_processor.py:10
from sentry_sdk.integrations.opentelemetry.consts import (
    SENTRY_BAGGAGE_KEY,
    SENTRY_TRACE_KEY,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #73f6d135bb0b5dd4 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/opentelemetry/span_processor.py:14
from sentry_sdk.scope import add_global_event_processor

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #3b3a609578e02052 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/opentelemetry/span_processor.py:15
from sentry_sdk.tracing import Span as SentrySpan

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #97c616137c470348 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/opentelemetry/span_processor.py:16
from sentry_sdk.tracing import Transaction

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #07fa6a035fe1c033 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/opentelemetry/span_processor.py:19
    from opentelemetry.context import get_value

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #af252aa15695d097 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/opentelemetry/span_processor.py:20
    from opentelemetry.sdk.trace import ReadableSpan as OTelSpan

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #d90fd626bc46b191 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/opentelemetry/span_processor.py:21
    from opentelemetry.sdk.trace import SpanProcessor

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #20517cb250c6da3e Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/opentelemetry/span_processor.py:22
    from opentelemetry.semconv.trace import SpanAttributes

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #2b3119b4d5955ac0 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/opentelemetry/span_processor.py:23
    from opentelemetry.trace import (
        SpanKind,
        format_span_id,
        format_trace_id,
        get_current_span,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #0e19a99d58a5458f Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/opentelemetry/span_processor.py:29
    from opentelemetry.trace.span import (
        INVALID_SPAN_ID,
        INVALID_TRACE_ID,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #a92d3dfbe24d46af Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/opentelemetry/span_processor.py:39
    from opentelemetry import context as context_api

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #fd00a4bd37c08528 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/opentelemetry/span_processor.py:40
    from opentelemetry.trace import SpanContext

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #808a6b08cc3a5d61 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/opentelemetry/span_processor.py:42
    from sentry_sdk._types import Event, Hint

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #e182f617fcb66649 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/opentelemetry/span_processor.py:52
    client = get_client()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #010d7662041e8e1e Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/opentelemetry/span_processor.py:131
        client = get_client()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #274e485f2c1b8287 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/opentelemetry/span_processor.py:171
            sentry_span = start_transaction(
                name=otel_span.name,
                span_id=trace_data["span_id"],
                parent_span_id=parent_span_id,
                trace_id=trace_data["trace_id"],
                baggage=trace_data["baggage"],
                start_timestamp=start_timestamp,
                instrumenter=INSTRUMENTER.OTEL,
                origin=SPAN_ORIGIN,
            )

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #a45796b591928293 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/opentelemetry/span_processor.py:195
        client = get_client()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #72f75e302f8e240b Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/opentelemetry/span_processor.py:249
        parsed_dsn = get_client().parsed_dsn

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #0684f91c1ac03422 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/otlp.py:1
from sentry_sdk import capture_event, get_client

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #51a5e1bae4e0c0bb Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/otlp.py:2
from sentry_sdk.consts import VERSION, EndpointType

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #5578c73164a5c4d7 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/otlp.py:3
from sentry_sdk.integrations import DidNotEnable, Integration

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #9508afa6b0f2ce50 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/otlp.py:4
from sentry_sdk.scope import register_external_propagation_context

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #f05f6945b3290e8b Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/otlp.py:5
from sentry_sdk.tracing import (
    BAGGAGE_HEADER_NAME,
    SENTRY_TRACE_HEADER_NAME,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #5c249c6ec5232ba8 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/otlp.py:9
from sentry_sdk.tracing_utils import Baggage

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #475055f7db3feac1 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/otlp.py:10
from sentry_sdk.utils import (
    Dsn,
    capture_internal_exceptions,
    event_from_exception,
    logger,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #8f81b586b2df2934 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/otlp.py:18
    from opentelemetry.context import (
        Context,
        get_current,
        get_value,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #6cdf6f6ddd479e5a Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/otlp.py:23
    from opentelemetry.exporter.otlp.proto.http.trace_exporter import OTLPSpanExporter

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #16dd1cbbc411b3ad Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/otlp.py:24
    from opentelemetry.propagate import set_global_textmap

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #892e169aa11c4674 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/otlp.py:25
    from opentelemetry.propagators.textmap import (
        CarrierT,
        Setter,
        default_setter,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #36cd94c1760f3a80 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/otlp.py:30
    from opentelemetry.sdk.trace import Span, TracerProvider

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #46f2f7e22bd396bd Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/otlp.py:31
    from opentelemetry.sdk.trace.export import BatchSpanProcessor

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #ac40e2c14cb17912 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/otlp.py:32
    from opentelemetry.trace import (
        INVALID_SPAN_ID,
        INVALID_TRACE_ID,
        SpanContext,
        format_span_id,
        format_trace_id,
        get_current_span,
        get_tracer_provider,
        set_tracer_provider,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #6181b760f4a54420 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/otlp.py:43
    from sentry_sdk.integrations.opentelemetry.consts import SENTRY_BAGGAGE_KEY

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #383e3d0e63d5e6dc Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/otlp.py:44
    from sentry_sdk.integrations.opentelemetry.propagator import SentryPropagator

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #684b089ec02b4766 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/otlp.py:108
        otlp_integration = get_client().get_integration(OTLPIntegration)

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #a8aaf48c371dcb69 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/otlp.py:113
                    client_options=get_client().options,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #c6b818a69207c531 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/otlp.py:116
                capture_event(event, hint=hint)

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #9b69f11434592721 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/otlp.py:143
        otlp_integration = get_client().get_integration(OTLPIntegration)

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #23738217bb23988e Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/pure_eval.py:4
import sentry_sdk

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #ca71461b62e4ac37 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/pure_eval.py:5
from sentry_sdk import serializer

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #625039d1d392f5ef Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/pure_eval.py:6
from sentry_sdk.integrations import DidNotEnable, Integration

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #743b3dcf4045e8c9 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/pure_eval.py:7
from sentry_sdk.scope import add_global_event_processor

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #234016d0b919d9eb Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/pure_eval.py:8
from sentry_sdk.utils import iter_stacks, walk_exception_chain

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #8fc340bdd26fe181 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/pure_eval.py:14
    from sentry_sdk._types import Event, Hint

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #134a111bac149319 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/pure_eval.py:42
            if sentry_sdk.get_client().get_integration(PureEvalIntegration) is None:

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #e553aa9cf1470d75 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/pydantic_ai/__init__.py:3
from sentry_sdk.integrations import DidNotEnable, Integration

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #434941553ff83d85 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/pydantic_ai/__init__.py:4
from sentry_sdk.utils import capture_internal_exceptions, parse_version

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #6ae8bea0be018af0 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/pydantic_ai/patches/agent_run.py:5
import sentry_sdk

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #785223a3225a36b7 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/pydantic_ai/patches/agent_run.py:6
from sentry_sdk.integrations import DidNotEnable

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #34bb61c7ca1a5db1 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/pydantic_ai/patches/agent_run.py:7
from sentry_sdk.utils import capture_internal_exceptions, reraise

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #ce50eaea2e9a3e3e Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/pydantic_ai/patches/agent_run.py:45
        self._isolation_scope = sentry_sdk.isolation_scope()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #39df63911900a3fc Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/pydantic_ai/patches/agent_run.py:98
    from sentry_sdk.integrations.pydantic_ai import (
        PydanticAIIntegration,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #7b49ca0dae1f8bf3 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/pydantic_ai/patches/agent_run.py:106
        with sentry_sdk.isolation_scope():

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #126ec88f13845958 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/pydantic_ai/patches/agent_run.py:150
    from sentry_sdk.integrations.pydantic_ai import (
        PydanticAIIntegration,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #9683e1d70210eb7d Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/pydantic_ai/patches/graph_nodes.py:4
from sentry_sdk.integrations import DidNotEnable

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #27b42d26443a3114 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/pydantic_ai/patches/tools.py:5
import sentry_sdk

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #68e139dd1979a20e Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/pydantic_ai/patches/tools.py:6
from sentry_sdk.integrations import DidNotEnable

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #857c51e83250d332 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/pydantic_ai/patches/tools.py:7
from sentry_sdk.utils import capture_internal_exceptions, reraise

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #c2f9ee46fa55d60b Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/pydantic_ai/patches/tools.py:62
            with sentry_sdk.isolation_scope():

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #a38768b1ed03fa41 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/pydantic_ai/patches/tools.py:82
                            from sentry_sdk.integrations.pydantic_ai import (
                                PydanticAIIntegration,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #72715a591391565f Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/pydantic_ai/patches/tools.py:86
                            integration = sentry_sdk.get_client().get_integration(

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #96e4292ae62a790b Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/pydantic_ai/patches/tools.py:135
            with sentry_sdk.isolation_scope():

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #7a10f07ce02dc07e Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/pydantic_ai/patches/tools.py:155
                            from sentry_sdk.integrations.pydantic_ai import (
                                PydanticAIIntegration,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #c2226f1139b79370 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/pydantic_ai/patches/tools.py:159
                            integration = sentry_sdk.get_client().get_integration(

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #eed86a7f797a0c20 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/pydantic_ai/spans/ai_client.py:4
import sentry_sdk

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #23151547f6e6b290 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/pydantic_ai/spans/ai_client.py:5
from sentry_sdk.ai.utils import (
    normalize_message_roles,
    set_data_normalized,
    truncate_and_annotate_messages,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #0a29f9ffbea0e431 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/pydantic_ai/spans/ai_client.py:10
from sentry_sdk.consts import OP, SPANDATA

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #33dc6a5b33c6bc8e Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/pydantic_ai/spans/ai_client.py:11
from sentry_sdk.traces import StreamedSpan

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #1f817bc1b9c4c9ef Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/pydantic_ai/spans/ai_client.py:12
from sentry_sdk.tracing_utils import (
    has_span_streaming_enabled,
    should_truncate_gen_ai_input,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #3a85c4f218571441 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/pydantic_ai/spans/ai_client.py:16
from sentry_sdk.utils import safe_serialize

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #e85dc83a30e29f10 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/pydantic_ai/spans/ai_client.py:39
    from sentry_sdk._types import TextPart as SentryTextPart

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #2cbf750724a09e43 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/pydantic_ai/spans/ai_client.py:203
            client = sentry_sdk.get_client()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #252afc8fc992d77b Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/pydantic_ai/spans/ai_client.py:204
            scope = sentry_sdk.get_current_scope()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #264c26f837e3f9cd Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/pydantic_ai/spans/ai_client.py:283
    span_streaming = has_span_streaming_enabled(sentry_sdk.get_client().options)

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #16ead4e3b0b5ccf5 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/pydantic_ai/spans/ai_client.py:295
        span = sentry_sdk.start_span(
            op=OP.GEN_AI_CHAT,
            name=f"chat {model_name}",
            origin=SPAN_ORIGIN,
        )

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #1c8b9c6bbaff4d7a Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/pydantic_ai/spans/execute_tool.py:3
import sentry_sdk

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #b2332400b983e998 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/pydantic_ai/spans/execute_tool.py:4
from sentry_sdk.consts import OP, SPANDATA

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #e7094e863116b487 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/pydantic_ai/spans/execute_tool.py:5
from sentry_sdk.traces import StreamedSpan

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #af9623cfef1107dc Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/pydantic_ai/spans/execute_tool.py:6
from sentry_sdk.tracing_utils import has_span_streaming_enabled

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #56d848e855aae7a3 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/pydantic_ai/spans/execute_tool.py:7
from sentry_sdk.utils import safe_serialize

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #5b028862599aa870 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/pydantic_ai/spans/execute_tool.py:32
    span_streaming = has_span_streaming_enabled(sentry_sdk.get_client().options)

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #836acc672574b14d Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/pydantic_ai/spans/execute_tool.py:46
        span = sentry_sdk.start_span(
            op=OP.GEN_AI_EXECUTE_TOOL,
            name=f"execute_tool {tool_name}",
            origin=SPAN_ORIGIN,
        )

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #7800cf0ce5963a6c Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/pydantic_ai/spans/invoke_agent.py:3
import sentry_sdk

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #d26181830f610c1b Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/pydantic_ai/spans/invoke_agent.py:4
from sentry_sdk.ai.utils import (
    get_start_span_function,
    normalize_message_roles,
    set_data_normalized,
    truncate_and_annotate_messages,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #8f2666421a1fe6c3 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/pydantic_ai/spans/invoke_agent.py:10
from sentry_sdk.consts import OP, SPANDATA

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #509f9b27acdc8f37 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/pydantic_ai/spans/invoke_agent.py:11
from sentry_sdk.traces import StreamedSpan

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #7a75b1282d6a6a3b Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/pydantic_ai/spans/invoke_agent.py:12
from sentry_sdk.tracing_utils import (
    has_span_streaming_enabled,
    should_truncate_gen_ai_input,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #3bfb8945aaa1f9f5 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/pydantic_ai/spans/invoke_agent.py:52
    span_streaming = has_span_streaming_enabled(sentry_sdk.get_client().options)

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #8ed09d8288a35bb5 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/pydantic_ai/spans/invoke_agent.py:140
            client = sentry_sdk.get_client()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #6b13953d79d3fb82 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/pydantic_ai/spans/invoke_agent.py:141
            scope = sentry_sdk.get_current_scope()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #82a0e7648a026983 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/pydantic_ai/spans/utils.py:5
import sentry_sdk

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #1ab1907fb1e2af63 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/pydantic_ai/spans/utils.py:6
from sentry_sdk._types import BLOB_DATA_SUBSTITUTE

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #8b1001688bc56027 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/pydantic_ai/spans/utils.py:7
from sentry_sdk.ai.consts import DATA_URL_BASE64_REGEX

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #18a1917cb5160f56 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/pydantic_ai/spans/utils.py:8
from sentry_sdk.ai.utils import get_modality_from_mime_type

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #c1e59cbdcf0039a7 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/pydantic_ai/spans/utils.py:9
from sentry_sdk.consts import SPANDATA

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #61d869e1d3d1f2b7 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/pydantic_ai/spans/utils.py:10
from sentry_sdk.traces import StreamedSpan

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #be0aa65b3b50cba5 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/pydantic_ai/utils.py:4
import sentry_sdk

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #47afabd6acb43713 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/pydantic_ai/utils.py:5
from sentry_sdk.consts import SPANDATA

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #fc1d8da0ff3a35b9 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/pydantic_ai/utils.py:6
from sentry_sdk.scope import should_send_default_pii

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #1e0a291e021d231a Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/pydantic_ai/utils.py:7
from sentry_sdk.traces import StreamedSpan

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #02134a5324f9e786 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/pydantic_ai/utils.py:8
from sentry_sdk.utils import event_from_exception, safe_serialize

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #6b5579d1d096777b Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/pydantic_ai/utils.py:64
    integration = sentry_sdk.get_client().get_integration(PydanticAIIntegration)

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #0662b782aadfce81 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/pydantic_ai/utils.py:230
        client_options=sentry_sdk.get_client().options,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #f4d0e83ae3e05a17 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/pydantic_ai/utils.py:233
    sentry_sdk.capture_event(event, hint=hint)

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #89ce7830fd9a6369 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/pymongo.py:4
import sentry_sdk

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #457a1a53db966f3d Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/pymongo.py:5
from sentry_sdk.consts import OP, SPANDATA, SPANSTATUS

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #91dfc3d05e175d5f Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/pymongo.py:6
from sentry_sdk.integrations import DidNotEnable, Integration

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #17443627049f29ae Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/pymongo.py:7
from sentry_sdk.scope import should_send_default_pii

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #5067ff09afbf895b Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/pymongo.py:8
from sentry_sdk.traces import SpanStatus, StreamedSpan

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #e8fd34606ef1fd9c Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/pymongo.py:9
from sentry_sdk.tracing import Span

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #7b2c1ccf8e7aaf0a Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/pymongo.py:10
from sentry_sdk.tracing_utils import has_span_streaming_enabled

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #4a2bb17cd3fe9467 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/pymongo.py:11
from sentry_sdk.utils import capture_internal_exceptions

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #780e17b91af9c10e Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/pymongo.py:92
    client = sentry_sdk.get_client()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #cca501c9a6da4036 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/pymongo.py:131
        client = sentry_sdk.get_client()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #cbe6b5051e0a03ab Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/pymongo.py:169
                    sentry_sdk.add_breadcrumb(
                        message=query,
                        category="query",
                        type=OP.DB,
                        data=span_first_data,
                    )

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #e7819ec6fe81d106 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/pymongo.py:206
                span = sentry_sdk.start_span(
                    op=OP.DB,
                    name=query,
                    origin=PyMongoIntegration.origin,
                )

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #2d9c3a0802de040f Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/pymongo.py:222
                    sentry_sdk.add_breadcrumb(
                        message=query, category="query", type=OP.DB, data=tags
                    )

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #3711df1ddce19d4e Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/pymongo.py:229
        if sentry_sdk.get_client().get_integration(PyMongoIntegration) is None:

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #6387e479f805096c Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/pymongo.py:244
        if sentry_sdk.get_client().get_integration(PyMongoIntegration) is None:

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #2162c34108419517 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/pyramid.py:6
import sentry_sdk

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #94a13f75b1034f83 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/pyramid.py:7
from sentry_sdk.integrations import DidNotEnable, Integration

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #47c4838ff401e2b7 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/pyramid.py:8
from sentry_sdk.integrations._wsgi_common import RequestExtractor

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #39832491c0707848 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/pyramid.py:9
from sentry_sdk.integrations.wsgi import SentryWsgiMiddleware

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #dac70093cb0bc5e5 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/pyramid.py:10
from sentry_sdk.scope import should_send_default_pii

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #748427e64a45b853 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/pyramid.py:11
from sentry_sdk.traces import SOURCE_FOR_STYLE as SEGMENT_SOURCE_FOR_STYLE

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #c50dce23ddffbec2 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/pyramid.py:12
from sentry_sdk.tracing import SOURCE_FOR_STYLE as TRANSACTION_SOURCE_FOR_STYLE

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #5bde4a35bed48169 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/pyramid.py:13
from sentry_sdk.tracing_utils import has_span_streaming_enabled

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #830b065e1a7086f6 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/pyramid.py:14
from sentry_sdk.utils import (
    capture_internal_exceptions,
    ensure_integration_enabled,
    event_from_exception,
    reraise,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #dfc8bfd461c1e294 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/pyramid.py:36
    from sentry_sdk._types import Event, EventProcessor

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #4d84c85b9be2ac2f Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/pyramid.py:37
    from sentry_sdk.integrations.wsgi import _ScopedResponse

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #3d8630bfa1be0cc3 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/pyramid.py:38
    from sentry_sdk.utils import ExcInfo

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #6ff82d3bdf2cbd4d Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/pyramid.py:78
            client = sentry_sdk.get_client()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #8b68009ad92e7071 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/pyramid.py:84
                sentry_sdk.get_current_scope(), integration.transaction_style, request

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #c99ad1b7cacb1c61 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/pyramid.py:87
            scope = sentry_sdk.get_isolation_scope()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #6a11b696fa2e875b Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/pyramid.py:114
                    and sentry_sdk.get_client().get_integration(PyramidIntegration)

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #d41db5661181b3fb Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/pyramid.py:155
        client_options=sentry_sdk.get_client().options,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #dac3e3fbee97ea6f Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/pyramid.py:159
    sentry_sdk.capture_event(event, hint=hint)

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #288a229cbd0b819d Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/pyramid.py:171
            sentry_sdk.get_client().options

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #d9e8e31f82f05aad Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/pyreqwest.py:4
import sentry_sdk

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #1f9fca8a9f73ddc4 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/pyreqwest.py:5
from sentry_sdk import start_span

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #70ffcb677554426c Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/pyreqwest.py:6
from sentry_sdk.consts import OP, SPANDATA

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #39cc75cff549a1ab Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/pyreqwest.py:7
from sentry_sdk.integrations import DidNotEnable, Integration

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #d7fca04b1c0b10d1 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/pyreqwest.py:8
from sentry_sdk.scope import should_send_default_pii

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #2a47c247a3382640 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/pyreqwest.py:9
from sentry_sdk.traces import StreamedSpan

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #bb8ef0071f716942 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/pyreqwest.py:10
from sentry_sdk.tracing import BAGGAGE_HEADER_NAME

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #c67bc6691ec0e180 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/pyreqwest.py:11
from sentry_sdk.tracing_utils import (
    add_http_request_source,
    add_sentry_baggage_to_headers,
    has_span_streaming_enabled,
    should_propagate_trace,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #37e7734d1b261666 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/pyreqwest.py:17
from sentry_sdk.utils import (
    SENSITIVE_DATA_SUBSTITUTE,
    capture_internal_exceptions,
    logger,
    parse_url,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #66c61cf46d189b9f Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/pyreqwest.py:70
            integration = sentry_sdk.get_client().get_integration(PyreqwestIntegration)

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #487ca4c305bece5f Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/pyreqwest.py:89
    span_streaming = has_span_streaming_enabled(sentry_sdk.get_client().options)

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #9ffbe6258a22bbc2 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/pyreqwest.py:104
            if should_propagate_trace(sentry_sdk.get_client(), str(request.url)):

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #8cf4f3153b4907ba Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/pyreqwest.py:108
                ) in sentry_sdk.get_current_scope().iter_trace_propagation_headers():

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #692c3c6e33fd8cc0 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/pyreqwest.py:127
    with start_span(
        op=OP.HTTP_CLIENT,
        name=f"{request.method} {parsed_url.url if parsed_url else SENSITIVE_DATA_SUBSTITUTE}",
        origin=PyreqwestIntegration.origin,
    ) as span:

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #ca2b122c8969bc47 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/pyreqwest.py:138
        if should_propagate_trace(sentry_sdk.get_client(), str(request.url)):

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #fc652cbbe2c48fca Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/pyreqwest.py:142
            ) in sentry_sdk.get_current_scope().iter_trace_propagation_headers():

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #f1b2b5e07651c71a Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/pyreqwest.py:163
    if sentry_sdk.get_client().get_integration(PyreqwestIntegration) is None:

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #1682bb2190b047ad Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/pyreqwest.py:183
    if sentry_sdk.get_client().get_integration(PyreqwestIntegration) is None:

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #ec8d8a8777ff407b Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/quart.py:7
import sentry_sdk

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #f40cd15c9fa7a335 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/quart.py:8
from sentry_sdk.integrations import DidNotEnable, Integration

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #c3bc243962ad32e9 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/quart.py:9
from sentry_sdk.integrations._wsgi_common import _filter_headers

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #9432b77729101c8c Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/quart.py:10
from sentry_sdk.integrations.asgi import SentryAsgiMiddleware

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #7d8dbb05a4b1f3fd Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/quart.py:11
from sentry_sdk.scope import should_send_default_pii

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #b8854585c11d3cd2 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/quart.py:12
from sentry_sdk.traces import SOURCE_FOR_STYLE as SEGMENT_SOURCE_FOR_STYLE

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #0d55bdb645e5d7ed Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/quart.py:13
from sentry_sdk.traces import StreamedSpan, get_current_span

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #578f18b292137171 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/quart.py:14
from sentry_sdk.tracing import SOURCE_FOR_STYLE as TRANSACTION_SOURCE_FOR_STYLE

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #45db74aa5c8ebf08 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/quart.py:15
from sentry_sdk.tracing_utils import has_span_streaming_enabled

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #8dc7978801b270d9 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/quart.py:16
from sentry_sdk.utils import (
    capture_internal_exceptions,
    ensure_integration_enabled,
    event_from_exception,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #2a61e90a9e526f2d Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/quart.py:25
    from sentry_sdk._types import Event, EventProcessor

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #79926e10ec8c7596 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/quart.py:92
        if sentry_sdk.get_client().get_integration(QuartIntegration) is None:

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #933043f30d31948a Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/quart.py:123
                    client = sentry_sdk.get_client()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #b0cdc8e9c093dbf0 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/quart.py:129
                        current_scope = sentry_sdk.get_current_scope()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #c47d4aebf3cb2f0f Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/quart.py:133
                    sentry_scope = sentry_sdk.get_isolation_scope()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #c8a927060f953fc0 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/quart.py:159
            if has_span_streaming_enabled(sentry_sdk.get_client().options)

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #8117d802224f561f Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/quart.py:172
    integration = sentry_sdk.get_client().get_integration(QuartIntegration)

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #1ed793456ca75464 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/quart.py:184
        sentry_sdk.get_current_scope(), integration.transaction_style, request_websocket

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #37a5b2349224c383 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/quart.py:187
    scope = sentry_sdk.get_isolation_scope()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #a8128d5a60cac88d Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/quart.py:189
    if has_span_streaming_enabled(sentry_sdk.get_client().options):

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #80e5f6c676d6744e Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/quart.py:269
    integration = sentry_sdk.get_client().get_integration(QuartIntegration)

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #dc04c63e2c292fa6 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/quart.py:275
        client_options=sentry_sdk.get_client().options,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #a6c312939c52fc2d Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/quart.py:279
    sentry_sdk.capture_event(event, hint=hint)

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #72761a5d58ce4e61 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/ray.py:5
import sentry_sdk

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #6c8a93307bdd2d64 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/ray.py:6
from sentry_sdk.consts import OP, SPANSTATUS

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #8188c90d87c41aad Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/ray.py:7
from sentry_sdk.integrations import DidNotEnable, Integration, _check_minimum_version

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #fce6db6187dd35e4 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/ray.py:8
from sentry_sdk.traces import SegmentSource

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #8dfc3247826d5132 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/ray.py:9
from sentry_sdk.tracing import TransactionSource

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #2ffcd1d6c50c5714 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/ray.py:10
from sentry_sdk.tracing_utils import has_span_streaming_enabled

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #aef0072688bb200f Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/ray.py:11
from sentry_sdk.utils import (
    event_from_exception,
    logger,
    package_version,
    qualname_from_function,
    reraise,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #a68975dc41be82d0 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/ray.py:31
    from sentry_sdk.utils import ExcInfo

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #0abb3ad5a01da0e3 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/ray.py:35
    if sentry_sdk.get_client().is_active():

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #d98f30639ed46313 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/ray.py:94
                    sentry_sdk.get_client().options

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #be2ba9afb0f9665a Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/ray.py:120
                    transaction = sentry_sdk.continue_trace(
                        _sentry_tracing or {},
                        op=OP.QUEUE_TASK_RAY,
                        name=qualname_from_function(user_f),
                        origin=RayIntegration.origin,
                        source=TransactionSource.TASK,
                    )

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #4d566cfcef199a9a Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/ray.py:128
                    with sentry_sdk.start_transaction(transaction) as transaction:

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #15f2de5c4bc8160c Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/ray.py:155
                    sentry_sdk.get_client().options

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #d1cd9df288174311 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/ray.py:170
                            for k, v in sentry_sdk.get_current_scope().iter_trace_propagation_headers()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #defb519d02d8affa Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/ray.py:183
                    with sentry_sdk.start_span(
                        op=OP.QUEUE_SUBMIT_RAY,
                        name=qualname_from_function(user_f),
                        origin=RayIntegration.origin,
                    ) as span:

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #fd8c730bdb3bd63a Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/ray.py:190
                            for k, v in sentry_sdk.get_current_scope().iter_trace_propagation_headers()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #f538b2e1b6d61818 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/ray.py:218
    client = sentry_sdk.get_client()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #39a2f4dbead473c6 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/ray.py:228
    sentry_sdk.capture_event(event, hint=hint)

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #39595634e87e37d9 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/redis/__init__.py:4
from sentry_sdk.integrations import DidNotEnable, Integration

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #502723439c85e807 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/redis/__init__.py:5
from sentry_sdk.integrations.redis.consts import _DEFAULT_MAX_DATA_SIZE

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #5c9dd45fff238f73 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/redis/__init__.py:6
from sentry_sdk.integrations.redis.rb import _patch_rb

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #2c318fabe99b2470 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/redis/__init__.py:7
from sentry_sdk.integrations.redis.redis import _patch_redis

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #b9b625e6c4ddc12b Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/redis/__init__.py:8
from sentry_sdk.integrations.redis.redis_cluster import _patch_redis_cluster

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #f05a490ec38a66aa Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/redis/__init__.py:9
from sentry_sdk.integrations.redis.redis_py_cluster_legacy import _patch_rediscluster

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #3bd1d7b9b4bd44dc Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/redis/__init__.py:10
from sentry_sdk.utils import logger

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #298090db111cb686 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/redis/_async_common.py:3
import sentry_sdk

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #da6c4dc07e58bee0 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/redis/_async_common.py:4
from sentry_sdk.consts import OP, SPANDATA

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #6a8df87843a3c437 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/redis/_async_common.py:5
from sentry_sdk.integrations.redis.consts import SPAN_ORIGIN

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #cf7425a1e23dcc95 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/redis/_async_common.py:6
from sentry_sdk.integrations.redis.modules.caches import (
    _compile_cache_span_properties,
    _set_cache_data,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #d0b8e97e9b88ab5d Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/redis/_async_common.py:10
from sentry_sdk.integrations.redis.modules.queries import _compile_db_span_properties

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #e674cc8051054607 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/redis/_async_common.py:11
from sentry_sdk.integrations.redis.utils import (
    _get_safe_command,
    _set_client_data,
    _set_pipeline_data,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #0bf5b63de8bcd6c1 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/redis/_async_common.py:16
from sentry_sdk.tracing import Span

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #28c89dca6368da68 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/redis/_async_common.py:17
from sentry_sdk.tracing_utils import has_span_streaming_enabled

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #322fccde45e6f529 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/redis/_async_common.py:18
from sentry_sdk.utils import capture_internal_exceptions

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #35e7d997b868a2c9 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/redis/_async_common.py:27
    from sentry_sdk.traces import StreamedSpan

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #ddeb9394a2efb0f0 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/redis/_async_common.py:38
    from sentry_sdk.integrations.redis import RedisIntegration

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #04375b18a4e3605f Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/redis/_async_common.py:41
        client = sentry_sdk.get_client()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #c772bc33456334fb Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/redis/_async_common.py:57
            span = sentry_sdk.start_span(
                op=OP.DB_REDIS,
                name="redis.pipeline.execute",
                origin=SPAN_ORIGIN,
            )

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #2607501fa24b0543 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/redis/_async_common.py:94
    from sentry_sdk.integrations.redis import RedisIntegration

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #90ecce249388ef2c Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/redis/_async_common.py:99
        client = sentry_sdk.get_client()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #d328a818af8811dd Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/redis/_async_common.py:131
                cache_span = sentry_sdk.start_span(
                    op=cache_properties["op"],
                    name=cache_properties["description"],
                    origin=SPAN_ORIGIN,
                )

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #54d71c2c4c8e2d83 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/redis/_async_common.py:157
            db_span = sentry_sdk.start_span(
                op=db_properties["op"],
                name=db_properties["description"],
                origin=SPAN_ORIGIN,
            )

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #69ade3ec6117ccfd Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/redis/_sync_common.py:3
import sentry_sdk

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #70ce7538147bc817 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/redis/_sync_common.py:4
from sentry_sdk.consts import OP, SPANDATA

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #1ffae7a6cf87b1b8 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/redis/_sync_common.py:5
from sentry_sdk.integrations.redis.consts import SPAN_ORIGIN

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #7135b526ac6d2aa7 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/redis/_sync_common.py:6
from sentry_sdk.integrations.redis.modules.caches import (
    _compile_cache_span_properties,
    _set_cache_data,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #ea3dc93f6f372f49 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/redis/_sync_common.py:10
from sentry_sdk.integrations.redis.modules.queries import _compile_db_span_properties

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #70369ea72d084188 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/redis/_sync_common.py:11
from sentry_sdk.integrations.redis.utils import (
    _get_safe_command,
    _set_client_data,
    _set_pipeline_data,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #c9daae00180a7572 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/redis/_sync_common.py:16
from sentry_sdk.tracing import Span

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #fd6ef6c846934d1d Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/redis/_sync_common.py:17
from sentry_sdk.tracing_utils import has_span_streaming_enabled

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #340789a33ae1ccdf Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/redis/_sync_common.py:18
from sentry_sdk.utils import capture_internal_exceptions

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #570c6d74b58ee52c Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/redis/_sync_common.py:24
    from sentry_sdk.traces import StreamedSpan

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #7c171f0291679ce5 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/redis/_sync_common.py:35
    from sentry_sdk.integrations.redis import RedisIntegration

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #ad058808ff0a3ee3 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/redis/_sync_common.py:38
        client = sentry_sdk.get_client()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #e9a41b187f349f44 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/redis/_sync_common.py:54
            span = sentry_sdk.start_span(
                op=OP.DB_REDIS,
                name="redis.pipeline.execute",
                origin=SPAN_ORIGIN,
            )

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #a84189cdfc92abd1 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/redis/_sync_common.py:93
    from sentry_sdk.integrations.redis import RedisIntegration

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #a720478587a44811 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/redis/_sync_common.py:98
        client = sentry_sdk.get_client()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #ddd846506f346575 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/redis/_sync_common.py:130
                cache_span = sentry_sdk.start_span(
                    op=cache_properties["op"],
                    name=cache_properties["description"],
                    origin=SPAN_ORIGIN,
                )

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #86cc038f5f85e4bc Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/redis/_sync_common.py:156
            db_span = sentry_sdk.start_span(
                op=db_properties["op"],
                name=db_properties["description"],
                origin=SPAN_ORIGIN,
            )

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #c9b1c37ac3dc2fde Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/redis/modules/caches.py:5
from sentry_sdk.consts import OP, SPANDATA

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #38bf211822136fcf Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/redis/modules/caches.py:6
from sentry_sdk.integrations.redis.utils import _get_safe_key, _key_as_string

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #2b000e9612ca93dd Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/redis/modules/caches.py:7
from sentry_sdk.traces import StreamedSpan

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #36f905f57f48ac5c Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/redis/modules/caches.py:8
from sentry_sdk.utils import capture_internal_exceptions

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #217e7495359cc062 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/redis/modules/caches.py:18
    from sentry_sdk.integrations.redis import RedisIntegration

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #68c69e088d058532 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/redis/modules/caches.py:19
    from sentry_sdk.tracing import Span

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #3c6832ceab639963 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/redis/modules/queries.py:7
from sentry_sdk.consts import OP, SPANDATA

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #6e7c0037c70ac4d7 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/redis/modules/queries.py:8
from sentry_sdk.integrations.redis.utils import _get_safe_command

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #9238fc2e81ad8a5f Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/redis/modules/queries.py:9
from sentry_sdk.traces import StreamedSpan

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #24481e596d62be30 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/redis/modules/queries.py:10
from sentry_sdk.utils import capture_internal_exceptions

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #20bc852a7650e787 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/redis/modules/queries.py:17
    from sentry_sdk.integrations.redis import RedisIntegration

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #818b575edf4abfd5 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/redis/modules/queries.py:18
    from sentry_sdk.tracing import Span

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #be92dd41a3e27863 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/redis/rb.py:7
from sentry_sdk.integrations.redis._sync_common import patch_redis_client

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #d3a8d71aeee7b903 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/redis/rb.py:8
from sentry_sdk.integrations.redis.modules.queries import _set_db_data

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #6f6a0392da57e903 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/redis/redis.py:9
from sentry_sdk.integrations.redis._sync_common import (
    patch_redis_client,
    patch_redis_pipeline,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #97b86fb36c38ee3b Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/redis/redis.py:13
from sentry_sdk.integrations.redis.modules.queries import _set_db_data

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #8b91c6607038868a Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/redis/redis.py:52
        from sentry_sdk.integrations.redis._async_common import (
            patch_redis_async_client,
            patch_redis_async_pipeline,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #8cb8765baadf6255 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/redis/redis_cluster.py:10
from sentry_sdk.integrations.redis._sync_common import (
    patch_redis_client,
    patch_redis_pipeline,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #68412a88aa1e9b3c Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/redis/redis_cluster.py:14
from sentry_sdk.integrations.redis.modules.queries import _set_db_data_on_span

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #0aa3c6c5343ea8b5 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/redis/redis_cluster.py:15
from sentry_sdk.integrations.redis.utils import _parse_rediscluster_command

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #20bbe0eb33f0cb75 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/redis/redis_cluster.py:16
from sentry_sdk.utils import capture_internal_exceptions

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #b9ad20651a2298ac Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/redis/redis_cluster.py:29
    from sentry_sdk.traces import StreamedSpan

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #fc7a76e1e5d4abc9 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/redis/redis_cluster.py:30
    from sentry_sdk.tracing import Span

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #411cbdfdd6441186 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/redis/redis_cluster.py:100
        from sentry_sdk.integrations.redis._async_common import (
            patch_redis_async_client,
            patch_redis_async_pipeline,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #4b21c9b44ffd8fce Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/redis/redis_py_cluster_legacy.py:8
from sentry_sdk.integrations.redis._sync_common import (
    patch_redis_client,
    patch_redis_pipeline,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #96859219e910f8c0 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/redis/redis_py_cluster_legacy.py:12
from sentry_sdk.integrations.redis.modules.queries import _set_db_data

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #cda478f3c07402dd Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/redis/redis_py_cluster_legacy.py:13
from sentry_sdk.integrations.redis.utils import _parse_rediscluster_command

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #6f2b7b8721457325 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/redis/utils.py:3
from sentry_sdk.consts import SPANDATA

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #18b3fb4c392088f0 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/redis/utils.py:4
from sentry_sdk.integrations.redis.consts import (
    _COMMANDS_INCLUDING_SENSITIVE_DATA,
    _MAX_NUM_ARGS,
    _MAX_NUM_COMMANDS,
    _MULTI_KEY_COMMANDS,
    _SINGLE_KEY_COMMANDS,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #2836e4a958795bbb Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/redis/utils.py:11
from sentry_sdk.scope import should_send_default_pii

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #6737565d803c32b1 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/redis/utils.py:12
from sentry_sdk.traces import StreamedSpan

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #b1d143929afe7cfe Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/redis/utils.py:13
from sentry_sdk.tracing import Span

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #3a1b6ab9b14e3258 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/redis/utils.py:14
from sentry_sdk.utils import SENSITIVE_DATA_SUBSTITUTE

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #06569da6a924135f Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/rq.py:4
import sentry_sdk

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #5cad3eb3201479f6 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/rq.py:5
from sentry_sdk.api import continue_trace

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #abe6bdb268bf2442 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/rq.py:6
from sentry_sdk.consts import OP, SPANDATA

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #3729409a4f7c5ca9 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/rq.py:7
from sentry_sdk.integrations import DidNotEnable, Integration, _check_minimum_version

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #f22e8a7f75ede9ac Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/rq.py:8
from sentry_sdk.integrations.logging import ignore_logger

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #5bebd0f1926ffe85 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/rq.py:9
from sentry_sdk.scope import Scope, should_send_default_pii

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #9e04cb8205d28ba8 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/rq.py:10
from sentry_sdk.traces import SegmentSource

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #5be79ac8d808b039 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/rq.py:11
from sentry_sdk.tracing import TransactionSource

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #8256bcc6cc3b0546 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/rq.py:12
from sentry_sdk.tracing_utils import has_span_streaming_enabled

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #5c2f61b7a8f939d2 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/rq.py:13
from sentry_sdk.utils import (
    SENSITIVE_DATA_SUBSTITUTE,
    capture_internal_exceptions,
    event_from_exception,
    format_timestamp,
    parse_version,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #57cb24fc69850b6c Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/rq.py:45
    from sentry_sdk._types import Event, EventProcessor

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #889fd07d82131b37 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/rq.py:46
    from sentry_sdk.utils import ExcInfo

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #3b51a99438283a25 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/rq.py:70
            client = sentry_sdk.get_client()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #4754010c3dcbb288 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/rq.py:74
            with sentry_sdk.new_scope() as scope:

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #4b79dd356acbd4f3 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/rq.py:116
                    with sentry_sdk.start_transaction(
                        transaction,
                        custom_sampling_context={"rq_job": job},
                    ) as span:

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #6b300ca8a735cc2a Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/rq.py:128
                sentry_sdk.get_client().flush()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #f9457209e34f5dbe Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/rq.py:158
            client = sentry_sdk.get_client()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #451ed3cf9ce25239 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/rq.py:162
            scope = sentry_sdk.get_current_scope()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #fd2f0d99530b0efe Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/rq.py:220
    client = sentry_sdk.get_client()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #6770a371b79d1e45 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/rq.py:228
    sentry_sdk.capture_event(event, hint=hint)

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #94afb081acc5beed Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/rust_tracing.py:37
import sentry_sdk

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #ab42fd1d11ccd432 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/rust_tracing.py:38
from sentry_sdk.integrations import Integration

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #25015369ff464157 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/rust_tracing.py:39
from sentry_sdk.scope import should_send_default_pii

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #f2abde1f77196f83 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/rust_tracing.py:40
from sentry_sdk.traces import StreamedSpan

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #034d65c3bea24b1f Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/rust_tracing.py:41
from sentry_sdk.tracing import Span as SentrySpan

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #619a716b69572992 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/rust_tracing.py:42
from sentry_sdk.tracing_utils import has_span_streaming_enabled

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #0aa4debdf98e367d Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/rust_tracing.py:43
from sentry_sdk.utils import SENSITIVE_DATA_SUBSTITUTE

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #e4f949b395e44092 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/rust_tracing.py:111
    sentry_sdk.capture_event(sentry_event)

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #7f65aaf873111d1c Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/rust_tracing.py:122
    sentry_sdk.add_breadcrumb(level=level, message=message)

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #e11e4708519addf1 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/rust_tracing.py:209
        span_streaming = has_span_streaming_enabled(sentry_sdk.get_client().options)

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #3457de4b9971bdae Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/rust_tracing.py:227
        sentry_span = sentry_sdk.start_span(
            op="function",
            name=sentry_span_name,
            origin=self.origin,
        )

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #8ceb5fee8e18e617 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/sanic.py:8
import sentry_sdk

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #73a99c67f2797437 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/sanic.py:9
from sentry_sdk import continue_trace

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #ff60b6e1846a8c11 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/sanic.py:10
from sentry_sdk.consts import OP, SPANDATA

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #f6307b6093f3947f Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/sanic.py:11
from sentry_sdk.integrations import DidNotEnable, Integration, _check_minimum_version

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #0a6adf9cf4bac2c4 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/sanic.py:12
from sentry_sdk.integrations._wsgi_common import RequestExtractor, _filter_headers

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #01fc83753b32399c Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/sanic.py:13
from sentry_sdk.integrations.logging import ignore_logger

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #5e91b13139e30cce Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/sanic.py:14
from sentry_sdk.scope import should_send_default_pii

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #d4dcb5ff44cdaa3a Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/sanic.py:15
from sentry_sdk.traces import SegmentSource, StreamedSpan

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #073c078e2479220d Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/sanic.py:16
from sentry_sdk.tracing import TransactionSource

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #e40f45f3f3842e72 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/sanic.py:17
from sentry_sdk.tracing_utils import has_span_streaming_enabled

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #d0e93a20ce0bfcb2 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/sanic.py:18
from sentry_sdk.utils import (
    CONTEXTVARS_ERROR_MESSAGE,
    HAS_REAL_CONTEXTVARS,
    capture_internal_exceptions,
    ensure_integration_enabled,
    event_from_exception,
    parse_version,
    reraise,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #57dbf4231930f69a Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/sanic.py:36
    from sentry_sdk._types import Event, EventProcessor, ExcInfo, Hint

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #c5a2e46fe646d8f5 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/sanic.py:166
        sentry_sdk.get_client().get_integration(SanicIntegration) is not None

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #2aa726121c1f97c1 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/sanic.py:172
    client = sentry_sdk.get_client()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #ac6d91321123fe1c Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/sanic.py:176
    request.ctx._sentry_scope = sentry_sdk.isolation_scope()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #38e181940b3f0624 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/sanic.py:211
        transaction = continue_trace(
            dict(request.headers),
            op=OP.HTTP_SERVER,
            # Unless the request results in a 404 error, the name and source will get overwritten in _set_transaction
            name=request.path,
            source=TransactionSource.URL,
            origin=SanicIntegration.origin,
        )

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #271a832eae023aee Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/sanic.py:219
        request.ctx._sentry_root_span = sentry_sdk.start_transaction(
            transaction
        ).__enter__()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #3295b63c9851d9ee Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/sanic.py:231
        integration = sentry_sdk.get_client().get_integration(SanicIntegration)

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #82ed58d70e0e6c5c Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/sanic.py:264
            scope = sentry_sdk.get_current_scope()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #2f2ca7eaaa4ebd11 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/sanic.py:278
    if sentry_sdk.get_client().get_integration(SanicIntegration) is None:

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #a1800959a3d4f982 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/sanic.py:308
    if sentry_sdk.get_client().get_integration(SanicIntegration) is None:

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #b10eca71433dc3ff Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/sanic.py:313
    with sentry_sdk.isolation_scope() as scope:

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #5c5d5b1343dccb7a Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/sanic.py:326
    if sentry_sdk.get_client().get_integration(SanicIntegration) is not None:

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #4fa4557bb52eeb7d Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/sanic.py:328
            scope = sentry_sdk.get_isolation_scope()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #a97657f43699eed8 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/sanic.py:358
            client_options=sentry_sdk.get_client().options,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #7945be9d35b7e2c6 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/sanic.py:365
        sentry_sdk.capture_event(event, hint=hint)

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #402cd93ce1e12e80 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/serverless.py:5
import sentry_sdk

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #1cf17017d49912ea Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/serverless.py:6
from sentry_sdk.utils import event_from_exception, reraise

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #79385098e1fb1cee Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/serverless.py:35
            with sentry_sdk.isolation_scope() as scope:

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #2cda38b9cb0ed54c Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/serverless.py:44
                        sentry_sdk.flush()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #d3628a6a67e71a77 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/serverless.py:56
    client = sentry_sdk.get_client()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #d19645a61904f0dc Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/serverless.py:63
        sentry_sdk.capture_event(event, hint=hint)

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #6f355dabe6159dba Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/socket.py:3
import sentry_sdk

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #fc86b74392cbfb8c Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/socket.py:4
from sentry_sdk._types import MYPY

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #c01c4ff6093b3c13 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/socket.py:5
from sentry_sdk.consts import OP, SPANDATA

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #8ed3ef4ee2720589 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/socket.py:6
from sentry_sdk.integrations import Integration

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #b2e2a41f29bf3dc7 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/socket.py:7
from sentry_sdk.tracing_utils import has_span_streaming_enabled

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #c4ebf6d093b1a584 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/socket.py:54
        client = sentry_sdk.get_client()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #0b2143e8e0a8db74 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/socket.py:75
            with sentry_sdk.start_span(
                op=OP.SOCKET_CONNECTION,
                name=_get_span_description(address[0], address[1]),
                origin=SocketIntegration.origin,
            ) as span:

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #b1fffe8a0f7f36e9 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/socket.py:102
        client = sentry_sdk.get_client()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #740d6ba7516a9512 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/socket.py:132
            with sentry_sdk.start_span(
                op=OP.SOCKET_DNS,
                name=_get_span_description(host, port),
                origin=SocketIntegration.origin,
            ) as span:

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #d1f4d636ef125749 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/spark/__init__.py:1
from sentry_sdk.integrations.spark.spark_driver import SparkIntegration

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #0b4eb5cb3f7a6414 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/spark/__init__.py:2
from sentry_sdk.integrations.spark.spark_worker import SparkWorkerIntegration

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #c4025271670335fd Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/spark/spark_driver.py:3
import sentry_sdk

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #443010aebfb90755 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/spark/spark_driver.py:4
from sentry_sdk.integrations import Integration

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #a41953570d21a3e0 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/spark/spark_driver.py:5
from sentry_sdk.utils import capture_internal_exceptions, ensure_integration_enabled

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #401eb8a780cdbd63 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/spark/spark_driver.py:12
    from sentry_sdk._types import Event, Hint

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #da069507585fddc7 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/spark/spark_driver.py:55
    scope = sentry_sdk.get_isolation_scope()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #3aeb78e35261634a Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/spark/spark_driver.py:60
            if sentry_sdk.get_client().get_integration(SparkIntegration) is None:

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #917ec8532d83f70a Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/spark/spark_driver.py:206
        sentry_sdk.get_isolation_scope().add_breadcrumb(

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #5ebd72202acbb01e Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/spark/spark_driver.py:211
        sentry_sdk.get_isolation_scope().clear_breadcrumbs()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #2230b6f3ac6900ce Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/spark/spark_worker.py:4
import sentry_sdk

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #a52079d76a934947 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/spark/spark_worker.py:5
from sentry_sdk.integrations import Integration

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #aed747c1539c8202 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/spark/spark_worker.py:6
from sentry_sdk.utils import (
    capture_internal_exceptions,
    event_hint_with_exc_info,
    exc_info_from_error,
    single_exception_from_error_tuple,
    walk_exception_chain,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #20e4b12514bccecb Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/spark/spark_worker.py:17
    from sentry_sdk._types import Event, ExcInfo, Hint

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #f88d9f0784a0899f Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/spark/spark_worker.py:31
    client = sentry_sdk.get_client()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #0858b8362c5ef9ae Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/spark/spark_worker.py:56
        sentry_sdk.capture_event(event, hint=hint)

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #cb6d0827990b84b8 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/spark/spark_worker.py:62
    scope = sentry_sdk.get_isolation_scope()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #7aa29f2794f98dbe Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/spark/spark_worker.py:67
            integration = sentry_sdk.get_client().get_integration(

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #d427965c5fbf4791 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/spark/spark_worker.py:106
        if sentry_sdk.get_client().get_integration(SparkWorkerIntegration) is not None:

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #76ee8c25aad684b1 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/sqlalchemy.py:1
from sentry_sdk.consts import SPANDATA, SPANSTATUS

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #20525e68d0e2caed Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/sqlalchemy.py:2
from sentry_sdk.integrations import DidNotEnable, Integration, _check_minimum_version

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #1c5c9b80ae926110 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/sqlalchemy.py:3
from sentry_sdk.traces import SpanStatus, StreamedSpan

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #68440cfafdacf72e Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/sqlalchemy.py:4
from sentry_sdk.tracing import Span

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #4da05eb95a0ae58f Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/sqlalchemy.py:5
from sentry_sdk.tracing_utils import (
    add_query_source,
    record_sql_queries,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #c7087872a2db5a27 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/sqlalchemy.py:9
from sentry_sdk.utils import (
    capture_internal_exceptions,
    ensure_integration_enabled,
    parse_version,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #e527e7b862570a9e Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/starlette.py:10
import sentry_sdk

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #443bffe5790f7669 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/starlette.py:11
from sentry_sdk._types import OVER_SIZE_LIMIT_SUBSTITUTE

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #cad81a0a5f20e8d8 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/starlette.py:12
from sentry_sdk.consts import OP, SPANDATA

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #fe1b006d363b8a0f Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/starlette.py:13
from sentry_sdk.integrations import (
    _DEFAULT_FAILED_REQUEST_STATUS_CODES,
    DidNotEnable,
    Integration,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #16c7b35ca88cb8b1 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/starlette.py:18
from sentry_sdk.integrations._asgi_common import _RootPathInPath

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #b0f10650d8c64497 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/starlette.py:19
from sentry_sdk.integrations._wsgi_common import (
    DEFAULT_HTTP_METHODS_TO_CAPTURE,
    HttpCodeRangeContainer,
    _is_json_content_type,
    request_body_within_bounds,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #0b1e62e6ae27124f Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/starlette.py:25
from sentry_sdk.integrations.asgi import SentryAsgiMiddleware

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #1f893c06bf16fba4 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/starlette.py:26
from sentry_sdk.scope import should_send_default_pii

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #fe8e356b56bf86d1 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/starlette.py:27
from sentry_sdk.traces import StreamedSpan, get_current_span

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #cb78af7c1027d061 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/starlette.py:28
from sentry_sdk.tracing import (
    SOURCE_FOR_STYLE,
    TransactionSource,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #0ee2b8ec749c0bd4 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/starlette.py:32
from sentry_sdk.tracing_utils import has_span_streaming_enabled

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #4d00a8a660754685 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/starlette.py:33
from sentry_sdk.utils import (
    AnnotatedValue,
    capture_internal_exceptions,
    ensure_integration_enabled,
    event_from_exception,
    parse_version,
    transaction_from_function,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #2629bc50f96a398b Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/starlette.py:54
    from sentry_sdk._types import Event, HttpStatusCodeRange

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #0e632657588e0c85 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/starlette.py:179
        client = sentry_sdk.get_client()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #5e4e42cd130fbc77 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/starlette.py:188
            sentry_sdk.get_current_scope().set_transaction_name(

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #2774e434cb737f96 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/starlette.py:209
            return sentry_sdk.start_span(
                op=op,
                name=name,
                origin=StarletteIntegration.origin,
            )

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #1569d74bdfb65162 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/starlette.py:277
        client_options=sentry_sdk.get_client().options,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #ce461e5e40604b29 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/starlette.py:281
    sentry_sdk.capture_event(event, hint=hint)

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #a2788c7a87811374 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/starlette.py:304
                integration = sentry_sdk.get_client().get_integration(

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #cf59eb393c2281d0 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/starlette.py:391
    sentry_scope = sentry_sdk.get_isolation_scope()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #aa2df06ba0c26017 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/starlette.py:454
        integration = sentry_sdk.get_client().get_integration(StarletteIntegration)

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #3299b5b2961c8586 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/starlette.py:528
    client = sentry_sdk.get_client()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #79e24a6e0e5dae54 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/starlette.py:536
        sentry_sdk.get_current_scope(),

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #6fd482a3e6b495d6 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/starlette.py:541
    sentry_scope = sentry_sdk.get_isolation_scope()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #4fc8c15bc0430e0e Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/starlette.py:602
                client = sentry_sdk.get_client()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #796cffeaea2d4412 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/starlette.py:608
                current_scope = sentry_sdk.get_current_scope()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #589c491f4b075924 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/starlette.py:619
                sentry_scope = sentry_sdk.get_isolation_scope()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #dbdee8fca7a7b7d9 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/starlette.py:691
                    sentry_sdk.get_current_scope().trace_propagation_meta()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #12bb4f42573ce10b Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/starlette.py:728
        client = sentry_sdk.get_client()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #20b944e5b8dee1f5 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/starlite.py:3
import sentry_sdk

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #0e651f1d26a585d3 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/starlite.py:4
from sentry_sdk.consts import OP, SPANDATA

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #25cf076385110b03 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/starlite.py:5
from sentry_sdk.integrations import DidNotEnable, Integration

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #8f9e1bafa6227112 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/starlite.py:6
from sentry_sdk.integrations.asgi import SentryAsgiMiddleware

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #b2637d18f216f010 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/starlite.py:7
from sentry_sdk.scope import should_send_default_pii

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #5f3fd86a8ac18f93 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/starlite.py:8
from sentry_sdk.tracing import SOURCE_FOR_STYLE, TransactionSource

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #8b6281f8e5e9a81c Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/starlite.py:9
from sentry_sdk.tracing_utils import has_span_streaming_enabled

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #0a27396b8df9dbe0 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/starlite.py:10
from sentry_sdk.utils import (
    ensure_integration_enabled,
    event_from_exception,
    transaction_from_function,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #2c00bcfd6aa76f41 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/starlite.py:52
    from sentry_sdk._types import Event

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #bd6b0edb7b26dd47 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/starlite.py:145
        client = sentry_sdk.get_client()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #0f256b986dd88872 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/starlite.py:162
            return sentry_sdk.start_span(
                op=op,
                name=name,
                origin=StarliteIntegration.origin,
            )

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #4df8a69846dee479 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/starlite.py:178
                if sentry_sdk.get_client().get_integration(StarliteIntegration) is None:

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #d384a184688d0ab6 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/starlite.py:194
                if sentry_sdk.get_client().get_integration(StarliteIntegration) is None:

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #3d7e04c3e5a92233 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/starlite.py:227
        if sentry_sdk.get_client().get_integration(StarliteIntegration) is None:

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #1304b456a618f639 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/starlite.py:230
        sentry_scope = sentry_sdk.get_isolation_scope()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #e75b7e7190539157 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/starlite.py:259
        sentry_sdk.set_transaction_name(name, source)

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #c49d3c4886518819 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/starlite.py:305
        sentry_scope = sentry_sdk.get_isolation_scope()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #ef03082f83cf7477 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/starlite.py:310
        client_options=sentry_sdk.get_client().options,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #63df1e0094242f23 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/starlite.py:314
    sentry_sdk.capture_event(event, hint=hint)

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #fb543e55a7991345 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/statsig.py:4
from sentry_sdk.feature_flags import add_feature_flag

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #23320db49e1919f6 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/statsig.py:5
from sentry_sdk.integrations import DidNotEnable, Integration, _check_minimum_version

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #1a923311c85beb63 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/statsig.py:6
from sentry_sdk.utils import parse_version

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #f139166351751c2a Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/stdlib.py:8
import sentry_sdk

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #fc1d0d3d8159510a Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/stdlib.py:9
from sentry_sdk.consts import OP, SPANDATA

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #7549126f9f3b7142 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/stdlib.py:10
from sentry_sdk.integrations import Integration

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #9ecb789c0ebf7578 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/stdlib.py:11
from sentry_sdk.scope import add_global_event_processor, should_send_default_pii

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #18cdc4d18ec992a9 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/stdlib.py:12
from sentry_sdk.traces import StreamedSpan

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #5b33e28fda5b8fef Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/stdlib.py:13
from sentry_sdk.tracing import Span

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #3a668a4aea0b2435 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/stdlib.py:14
from sentry_sdk.tracing_utils import (
    EnvironHeaders,
    add_http_request_source,
    has_span_streaming_enabled,
    should_propagate_trace,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #ea7f016d1ea0bfca Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/stdlib.py:20
from sentry_sdk.utils import (
    SENSITIVE_DATA_SUBSTITUTE,
    capture_internal_exceptions,
    ensure_integration_enabled,
    is_sentry_url,
    logger,
    parse_url,
    safe_repr,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #5153ef1fcb09cdd7 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/stdlib.py:33
    from sentry_sdk._types import Event, Hint

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #59ca92926ddb01a7 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/stdlib.py:55
            client = sentry_sdk.get_client()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #883a5ce11dcbe165 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/stdlib.py:95
        client = sentry_sdk.get_client()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #c43a7092db0397a4 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/stdlib.py:135
            span = sentry_sdk.start_span(
                op=OP.HTTP_CLIENT,
                name="%s %s"
                % (method, parsed_url.url if parsed_url else SENSITIVE_DATA_SUBSTITUTE),
                origin="auto.http.stdlib.httplib",
            )

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #efab4bc021418a38 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/stdlib.py:161
            ) in sentry_sdk.get_current_scope().iter_trace_propagation_headers(

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #0993a84ed169111e Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/stdlib.py:303
        span_streaming = has_span_streaming_enabled(sentry_sdk.get_client().options)

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #32a44005cd91ec24 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/stdlib.py:314
            span = sentry_sdk.start_span(
                op=OP.SUBPROCESS,
                name=description,
                origin="auto.subprocess.stdlib.subprocess",
            )

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #28f7ad5f8da05382 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/stdlib.py:321
            for k, v in sentry_sdk.get_current_scope().iter_trace_propagation_headers(

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #6f770ce57e66de59 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/stdlib.py:354
        span_streaming = has_span_streaming_enabled(sentry_sdk.get_client().options)

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #edda1c03aea4cd07 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/stdlib.py:366
            with sentry_sdk.start_span(
                op=OP.SUBPROCESS_WAIT,
                origin="auto.subprocess.stdlib.subprocess",
            ) as span:

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #92ef34fa9960ba92 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/stdlib.py:381
        span_streaming = has_span_streaming_enabled(sentry_sdk.get_client().options)

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #da274d8bbd2e23d2 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/stdlib.py:393
            with sentry_sdk.start_span(
                op=OP.SUBPROCESS_COMMUNICATE,
                origin="auto.subprocess.stdlib.subprocess",
            ) as span:

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #8bc29a7ddeb0e3b2 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/strawberry.py:6
import sentry_sdk

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #5eafba63beafbe0d Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/strawberry.py:7
from sentry_sdk.consts import OP

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #b192f711b3dcbaf8 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/strawberry.py:8
from sentry_sdk.integrations import DidNotEnable, Integration, _check_minimum_version

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #7e341a94e9bd5f96 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/strawberry.py:9
from sentry_sdk.integrations.logging import ignore_logger

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #a148af7193f8be1e Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/strawberry.py:10
from sentry_sdk.scope import should_send_default_pii

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #7cd2f33c89fc24a5 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/strawberry.py:11
from sentry_sdk.traces import SegmentSource

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #662fdac5b1a903c5 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/strawberry.py:12
from sentry_sdk.tracing import Span, TransactionSource

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #7f4ecae6c81eddb0 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/strawberry.py:13
from sentry_sdk.tracing_utils import StreamedSpan, has_span_streaming_enabled

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #20aacfc0a0dca90a Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/strawberry.py:14
from sentry_sdk.utils import (
    capture_internal_exceptions,
    ensure_integration_enabled,
    event_from_exception,
    package_version,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #b9553459b21ce6ee Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/strawberry.py:60
    from sentry_sdk._types import Event, EventProcessor

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #4e45464f29f5d720 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/strawberry.py:95
        integration = sentry_sdk.get_client().get_integration(StrawberryIntegration)

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #053fe1a0ad7ee17d Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/strawberry.py:176
        sentry_sdk.add_breadcrumb(
            category="graphql.operation",
            data={
                "operation_name": operation_name,
                "operation_type": operation_type,
            },
        )

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #60462255b2dcdeb0 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/strawberry.py:184
        scope = sentry_sdk.get_isolation_scope()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #dc4f3e6c85608c81 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/strawberry.py:188
        client = sentry_sdk.get_client()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #10558450b4e4efa6 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/strawberry.py:209
            graphql_span = sentry_sdk.start_span(
                op=op,
                name=description,
                origin=StrawberryIntegration.origin,
            )

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #3561696d892392cd Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/strawberry.py:243
        client = sentry_sdk.get_client()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #829933fef3f6f681 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/strawberry.py:255
            validation_span = sentry_sdk.start_span(
                op=OP.GRAPHQL_VALIDATE,
                name="validation",
                origin=StrawberryIntegration.origin,
            )

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #c1b0ac621b4befd4 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/strawberry.py:271
        client = sentry_sdk.get_client()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #434f6678f8779732 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/strawberry.py:283
            parsing_span = sentry_sdk.start_span(
                op=OP.GRAPHQL_PARSE,
                name="parsing",
                origin=StrawberryIntegration.origin,
            )

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #b8d5be71728d7212 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/strawberry.py:333
        client = sentry_sdk.get_client()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #79cbb5be627601c1 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/strawberry.py:345
        with sentry_sdk.start_span(
            op=OP.GRAPHQL_RESOLVE,
            name="resolving {}".format(field_path),
            origin=StrawberryIntegration.origin,
        ) as span:

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #dad89ee13efb1542 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/strawberry.py:372
        client = sentry_sdk.get_client()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #104099ba99cf586c Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/strawberry.py:384
        with sentry_sdk.start_span(
            op=OP.GRAPHQL_RESOLVE,
            name="resolving {}".format(field_path),
            origin=StrawberryIntegration.origin,
        ) as span:

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #33b455c7c474b0d8 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/strawberry.py:420
        scope = sentry_sdk.get_isolation_scope()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #d4a13fd6f5a1f48b Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/strawberry.py:428
                    client_options=sentry_sdk.get_client().options,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #ad2c14b3f2d9ece4 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/strawberry.py:434
                sentry_sdk.capture_event(event, hint=hint)

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #e7c49069384ab647 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/sys_exit.py:4
import sentry_sdk

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #70f04b107a16d754 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/sys_exit.py:5
from sentry_sdk._types import TYPE_CHECKING

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #46924f4c8a7d0a76 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/sys_exit.py:6
from sentry_sdk.integrations import Integration

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #4410c02333cca32f Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/sys_exit.py:7
from sentry_sdk.utils import capture_internal_exceptions, event_from_exception

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #6ec284e1061bf1a4 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/sys_exit.py:41
            integration = sentry_sdk.get_client().get_integration(SysExitIntegration)

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #d54cc1bc9b1341f7 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/sys_exit.py:62
        client_options=sentry_sdk.get_client().options,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #51cad55477948dc0 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/sys_exit.py:65
    sentry_sdk.capture_event(event, hint=hint)

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #1b40570db1590e2f Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/threading.py:8
import sentry_sdk

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #fe9123b4e9b9efe4 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/threading.py:9
from sentry_sdk.integrations import Integration

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #53e1f2b2dce6f0ff Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/threading.py:10
from sentry_sdk.scope import use_isolation_scope, use_scope

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #52938cde4ff88053 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/threading.py:11
from sentry_sdk.utils import (
    capture_internal_exceptions,
    event_from_exception,
    logger,
    reraise,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #dec5719224f6095c Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/threading.py:21
    from sentry_sdk._types import ExcInfo

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #d2d3cc5fa082ef9a Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/threading.py:74
            integration = sentry_sdk.get_client().get_integration(ThreadingIntegration)

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #22b23bd0a4d320b5 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/threading.py:87
                    isolation_scope = sentry_sdk.get_isolation_scope()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #7be82aaeed56305b Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/threading.py:88
                    current_scope = sentry_sdk.get_current_scope()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #eddf5ee62b5bf283 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/threading.py:91
                    isolation_scope = sentry_sdk.get_isolation_scope().fork()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #b0121f7de94d088e Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/threading.py:92
                    current_scope = sentry_sdk.get_current_scope().fork()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #1e34bbfae2967bb1 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/threading.py:157
        integration = sentry_sdk.get_client().get_integration(ThreadingIntegration)

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #21c4ff88f6febd48 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/threading.py:162
            isolation_scope = sentry_sdk.get_isolation_scope()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #7755988397976b36 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/threading.py:163
            current_scope = sentry_sdk.get_current_scope()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #32cf531be2c92032 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/threading.py:165
            isolation_scope = sentry_sdk.get_isolation_scope().fork()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #9345c6dcf810e42c Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/threading.py:166
            current_scope = sentry_sdk.get_current_scope().fork()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #8ebec0fca90f72c4 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/threading.py:187
    client = sentry_sdk.get_client()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #09309a31edcc3004 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/threading.py:194
        sentry_sdk.capture_event(event, hint=hint)

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #3cdc0299c567edd6 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/tornado.py:5
import sentry_sdk

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #91d901aa2f2d7aa1 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/tornado.py:6
from sentry_sdk.api import continue_trace

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #9c92c0146a9152bc Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/tornado.py:7
from sentry_sdk.consts import OP, SPANDATA

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #1fb26e3125fd38fb Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/tornado.py:8
from sentry_sdk.integrations import DidNotEnable, Integration, _check_minimum_version

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #83fcd4f7bf6dff51 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/tornado.py:9
from sentry_sdk.integrations._wsgi_common import (
    RequestExtractor,
    _filter_headers,
    _is_json_content_type,
    request_body_within_bounds,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #647ffcaa5dc44550 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/tornado.py:15
from sentry_sdk.integrations.logging import ignore_logger

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #aae0d66af1aba091 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/tornado.py:16
from sentry_sdk.scope import should_send_default_pii

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #2519e189df0c4ebc Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/tornado.py:17
from sentry_sdk.traces import SegmentSource, StreamedSpan

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #b23c19206b1f8ef6 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/tornado.py:18
from sentry_sdk.tracing import TransactionSource

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #b21620664dd6549d Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/tornado.py:19
from sentry_sdk.tracing_utils import has_span_streaming_enabled

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #ec407418c6477ce9 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/tornado.py:20
from sentry_sdk.utils import (
    CONTEXTVARS_ERROR_MESSAGE,
    HAS_REAL_CONTEXTVARS,
    AnnotatedValue,
    capture_internal_exceptions,
    ensure_integration_enabled,
    event_from_exception,
    transaction_from_function,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #df430e27d8a95034 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/tornado.py:42
    from sentry_sdk._types import Event, EventProcessor

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #8c7fc0d873fc445a Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/tornado.py:43
    from sentry_sdk.tracing import Span

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #984000e403c29901 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/tornado.py:110
    integration = sentry_sdk.get_client().get_integration(TornadoIntegration)

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #27439aa4299d104a Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/tornado.py:117
    client = sentry_sdk.get_client()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #c076fc0f394a7704 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/tornado.py:120
    with sentry_sdk.isolation_scope() as scope:

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #4d2200b6f672ea3d Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/tornado.py:157
            span_ctx = sentry_sdk.start_transaction(
                transaction,
                custom_sampling_context={"tornado_request": self.request},
            )

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #62b6702628e91df6 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/tornado.py:229
    if not request_body_within_bounds(sentry_sdk.get_client(), len(body)):

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #bc50e49a910c851e Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/tornado.py:242
        client_options=sentry_sdk.get_client().options,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #6ed27b32c44eda4a Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/tornado.py:246
    sentry_sdk.capture_event(event, hint=hint)

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #2cbfb2294b9082a1 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/trytond.py:1
import sentry_sdk

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #a93f78f69eb7922c Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/trytond.py:2
from sentry_sdk.integrations import DidNotEnable, Integration

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #915241abfa9dfdcd Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/trytond.py:3
from sentry_sdk.integrations.wsgi import SentryWsgiMiddleware

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #08fc13e7c77ad7c3 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/trytond.py:4
from sentry_sdk.utils import ensure_integration_enabled, event_from_exception

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #9f95764bead3da17 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/trytond.py:34
                client = sentry_sdk.get_client()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #8f4eadb06173c374 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/trytond.py:40
                sentry_sdk.capture_event(event, hint=hint)

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #1ca43bba7fabfc29 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/typer.py:3
import sentry_sdk

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #9f5b9a64e5159129 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/typer.py:4
from sentry_sdk.integrations import DidNotEnable, Integration

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #25e4ca05285f2407 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/typer.py:5
from sentry_sdk.utils import (
    capture_internal_exceptions,
    event_from_exception,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #b6d42e369c72107e Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/typer.py:40
        integration = sentry_sdk.get_client().get_integration(TyperIntegration)

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #37e6725d15b59191 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/typer.py:51
                client_options=sentry_sdk.get_client().options,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #f6a5ba5299b396f2 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/typer.py:54
            sentry_sdk.capture_event(event, hint=hint)

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #23761b98a5c9c899 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/unleash.py:4
from sentry_sdk.feature_flags import add_feature_flag

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #f05ce5f13bf47c30 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/unleash.py:5
from sentry_sdk.integrations import DidNotEnable, Integration

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #c85d99951a674932 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/unraisablehook.py:4
import sentry_sdk

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #d84bedd226d5ab29 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/unraisablehook.py:5
from sentry_sdk.integrations import Integration

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #26d78360fe3797bf Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/unraisablehook.py:6
from sentry_sdk.utils import (
    capture_internal_exceptions,
    event_from_exception,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #22bd79585faa5365 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/unraisablehook.py:27
        integration = sentry_sdk.get_client().get_integration(UnraisablehookIntegration)

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #289fbb93b2aaa90c Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/unraisablehook.py:43
                    client_options=sentry_sdk.get_client().options,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #c09a3f2ee171594c Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/unraisablehook.py:46
                sentry_sdk.capture_event(event, hint=hint)

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #1707e15670770729 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/wsgi.py:5
import sentry_sdk

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #c19dfc96f87f1e29 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/wsgi.py:6
from sentry_sdk._werkzeug import _get_headers, get_host

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #3d716098cb9e67be Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/wsgi.py:7
from sentry_sdk.api import continue_trace

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #918f5616fff939fa Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/wsgi.py:8
from sentry_sdk.consts import OP, SPANDATA

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #0072bffc1f7e8f26 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/wsgi.py:9
from sentry_sdk.integrations._wsgi_common import (
    DEFAULT_HTTP_METHODS_TO_CAPTURE,
    _filter_headers,
    nullcontext,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #8b7c413ab1aae01b Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/wsgi.py:14
from sentry_sdk.scope import Scope, should_send_default_pii, use_isolation_scope

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #068f6e5ede87b323 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/wsgi.py:15
from sentry_sdk.sessions import track_session

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #0e25fe7b0cbf6778 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/wsgi.py:16
from sentry_sdk.traces import SegmentSource, StreamedSpan

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #d41d5346ef7ace6f Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/wsgi.py:17
from sentry_sdk.tracing import Span, TransactionSource

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #a7d7176e0c0f43b1 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/wsgi.py:18
from sentry_sdk.tracing_utils import has_span_streaming_enabled

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #447fe28df9ff1aa4 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/wsgi.py:19
from sentry_sdk.utils import (
    ContextVar,
    capture_internal_exceptions,
    event_from_exception,
    reraise,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #d527e713df9a06d4 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/wsgi.py:40
    from sentry_sdk._types import Event, EventProcessor

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #ce0dbfc4a694a73e Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/wsgi.py:41
    from sentry_sdk.utils import ExcInfo

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #cb90f859cfeed7bc Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/wsgi.py:111
        client = sentry_sdk.get_client()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #7139b630efad79ad Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/wsgi.py:116
            with sentry_sdk.isolation_scope() as scope:

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #03aa4c7815fd4ac6 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/wsgi.py:162
                            span_ctx = sentry_sdk.start_transaction(
                                transaction,
                                custom_sampling_context={"wsgi_environ": environ},
                            )

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #afbdb44e1d3e1b0a Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/wsgi.py:286
            client_options=sentry_sdk.get_client().options,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #42bc16393b64ac3a Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/integrations/wsgi.py:289
        sentry_sdk.capture_event(event, hint=hint)

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #8e94d214944af9f6 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/logger.py:6
import sentry_sdk

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #20b0e571d97be1de Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/logger.py:7
from sentry_sdk.utils import capture_internal_exceptions, format_attribute

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #60fde8855399136e Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/logger.py:10
    from sentry_sdk._types import Attributes

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #31b65255a1b28b73 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/logger.py:54
    sentry_sdk.get_current_scope()._capture_log(

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #0eab06dab277e740 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/metrics.py:4
import sentry_sdk

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #4ff554323a13c66e Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/metrics.py:5
from sentry_sdk.utils import format_attribute

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #d86649588488aeea Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/metrics.py:8
    from sentry_sdk._types import Attributes, Metric, MetricType

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #e1eab114166067bd Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/metrics.py:35
    sentry_sdk.get_current_scope()._capture_metric(metric)

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #f15d3bec13af94de Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/monitor.py:7
import sentry_sdk

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #2b97fb65d8ece6ef Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/monitor.py:8
from sentry_sdk.utils import logger

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #7aae652079e99125 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/profiler/__init__.py:1
from sentry_sdk.profiler.continuous_profiler import (
    start_profile_session,
    start_profiler,
    stop_profile_session,
    stop_profiler,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #7c4fff26483ce703 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/profiler/__init__.py:7
from sentry_sdk.profiler.transaction_profiler import (
    MAX_PROFILE_DURATION_NS,
    PROFILE_MINIMUM_SAMPLES,
    GeventScheduler,
    Profile,
    Scheduler,
    ThreadScheduler,
    has_profiling_enabled,
    setup_profiler,
    teardown_profiler,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #96d741ffac4147ea Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/profiler/__init__.py:18
from sentry_sdk.profiler.utils import (
    DEFAULT_SAMPLING_FREQUENCY,
    MAX_STACK_DEPTH,
    extract_frame,
    extract_stack,
    frame_id,
    get_frame_name,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #5a3ee7cafa975423 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/profiler/continuous_profiler.py:13
from sentry_sdk._lru_cache import LRUCache

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #e4c173b3adf49c54 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/profiler/continuous_profiler.py:14
from sentry_sdk.consts import VERSION

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #09777fae6a7ab501 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/profiler/continuous_profiler.py:15
from sentry_sdk.envelope import Envelope

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #9b6bac903bf93b9a Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/profiler/continuous_profiler.py:16
from sentry_sdk.profiler.utils import (
    DEFAULT_SAMPLING_FREQUENCY,
    extract_stack,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #91b0ac65330516b8 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/profiler/continuous_profiler.py:20
from sentry_sdk.utils import (
    capture_internal_exception,
    is_gevent,
    logger,
    now,
    set_in_app_in_frames,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #77c7f7ada5f484e6 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/profiler/continuous_profiler.py:33
    from sentry_sdk._types import ContinuousProfilerMode, SDKInfo

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #541c8aa939f9e2c7 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/profiler/continuous_profiler.py:34
    from sentry_sdk.profiler.utils import (
        ExtractedSample,
        FrameId,
        ProcessedFrame,
        ProcessedStack,
        StackId,
        ThreadId,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #0b170fdec630b056 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/profiler/transaction_profiler.py:41
import sentry_sdk

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #8829b326dd87f0ad Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/profiler/transaction_profiler.py:42
from sentry_sdk._lru_cache import LRUCache

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #65a02e2c9e7a14f1 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/profiler/transaction_profiler.py:43
from sentry_sdk.profiler.utils import (
    DEFAULT_SAMPLING_FREQUENCY,
    extract_stack,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #dbc8f108e4cf2240 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/profiler/transaction_profiler.py:47
from sentry_sdk.utils import (
    capture_internal_exception,
    capture_internal_exceptions,
    get_current_thread_meta,
    is_gevent,
    is_valid_sample_rate,
    logger,
    nanosecond_time,
    set_in_app_in_frames,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #57102e97758cf38f Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/profiler/transaction_profiler.py:63
    from sentry_sdk._types import Event, ProfilerMode, SamplingContext

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #a8720c078b9d379f Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/profiler/transaction_profiler.py:64
    from sentry_sdk.profiler.utils import (
        ExtractedSample,
        FrameId,
        ProcessedFrame,
        ProcessedStack,
        ProcessedThreadMetadata,
        StackId,
        ThreadId,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #6ff8041f480712b1 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/profiler/transaction_profiler.py:281
        client = sentry_sdk.get_client()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #83e706723aef77c2 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/profiler/transaction_profiler.py:346
        scope = sentry_sdk.get_isolation_scope()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #2adb2758668fd0df Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/profiler/transaction_profiler.py:481
        client = sentry_sdk.get_client()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #43255767229f1847 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/profiler/utils.py:5
from sentry_sdk._compat import PY311

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #459a78c9455abcac Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/profiler/utils.py:6
from sentry_sdk.utils import filename_for_module

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #cd0094fd41b762d4 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/profiler/utils.py:14
    from sentry_sdk._lru_cache import LRUCache

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #dc7745fd9bb7a6aa Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/scope.py:14
import sentry_sdk

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #aecfe040ed8b8eb0 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/scope.py:15
from sentry_sdk._types import AnnotatedValue

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #8a82da2572a25f8d Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/scope.py:16
from sentry_sdk.attachments import Attachment

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #710704c6fb2ca85b Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/scope.py:17
from sentry_sdk.consts import (
    DEFAULT_MAX_BREADCRUMBS,
    FALSE_VALUES,
    INSTRUMENTER,
    SPANDATA,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #3140484f27436828 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/scope.py:23
from sentry_sdk.feature_flags import DEFAULT_FLAG_CAPACITY, FlagBuffer

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #2597e4e01c1ada57 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/scope.py:24
from sentry_sdk.profiler.continuous_profiler import (
    get_profiler_id,
    try_autostart_continuous_profiler,
    try_profile_lifecycle_trace_start,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #282edbac6e3784b5 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/scope.py:29
from sentry_sdk.profiler.transaction_profiler import Profile

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #03c825f46aac41f0 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/scope.py:30
from sentry_sdk.session import Session

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #3a4233625d41fa76 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/scope.py:31
from sentry_sdk.traces import (
    _DEFAULT_PARENT_SPAN,
    NoOpStreamedSpan,
    StreamedSpan,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #62b2ea06f7914759 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/scope.py:36
from sentry_sdk.tracing import (
    BAGGAGE_HEADER_NAME,
    SENTRY_TRACE_HEADER_NAME,
    NoOpSpan,
    Span,
    Transaction,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #cfd48ea8e75cba4c Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/scope.py:43
from sentry_sdk.tracing_utils import (
    Baggage,
    PropagationContext,
    _make_sampling_decision,
    has_span_streaming_enabled,
    has_tracing_enabled,
    is_ignored_span,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #1c3fa934fdb5308f Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/scope.py:51
from sentry_sdk.utils import (
    ContextVar,
    capture_internal_exception,
    capture_internal_exceptions,
    datetime_from_isoformat,
    disable_capture_event,
    event_from_exception,
    exc_info_from_error,
    format_attribute,
    has_logs_enabled,
    has_metrics_enabled,
    logger,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #a00e59f416b5d4f7 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/scope.py:84
    import sentry_sdk

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #79bb3efcd4433833 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/scope.py:85
    from sentry_sdk._types import (
        Attributes,
        AttributeValue,
        Breadcrumb,
        BreadcrumbHint,
        ErrorProcessor,
        Event,
        EventProcessor,
        ExcInfo,
        Hint,
        Log,
        LogLevelStr,
        Metric,
        SamplingContext,
        Type,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #26d5bab4b129d06e Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/scope.py:101
    from sentry_sdk.tracing import TransactionKwargs

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #84eec067f6acf967 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/scope.py:378
        from sentry_sdk.client import SDK_INFO

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #65887288682ae424 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/scope.py:392
        options = sentry_sdk.get_client().options

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #b933ac5569e2135c Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/scope.py:513
            sentry_sdk.get_global_scope().set_global_attributes()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #245b399e91ed5098 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/scope.py:1232
        client = sentry_sdk.get_client()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #c3e532393ebb7752 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/scope.py:2205
from sentry_sdk.client import NonRecordingClient

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #f78a1ac0a35448f7 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/scope.py:2208
    import sentry_sdk.client

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #76d81189feb97627 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/scrubber.py:3
from sentry_sdk.utils import (
    AnnotatedValue,
    capture_internal_exceptions,
    iter_event_frames,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #38a9eee2dc5e56df Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/scrubber.py:12
    from sentry_sdk._types import Event

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #96b38d1abe4b72e1 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/serializer.py:8
from sentry_sdk.utils import (
    AnnotatedValue,
    capture_internal_exception,
    disable_capture_event,
    format_timestamp,
    safe_repr,
    strip_string,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #6c045315db208cf5 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/serializer.py:21
    from sentry_sdk._types import NotImplementedType

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #009efa03c5e3ee86 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/session.py:5
from sentry_sdk.utils import format_timestamp

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #faf923a7b3e82a23 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/session.py:10
    from sentry_sdk._types import SessionStatus

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #cc4ccc1f3294965c Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/sessions.py:7
import sentry_sdk

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #b268ec550aa81b47 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/sessions.py:8
from sentry_sdk.envelope import Envelope

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #46eb8ff7683a5fa6 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/sessions.py:9
from sentry_sdk.session import Session

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #7fcce6ce1df2c7b3 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/sessions.py:10
from sentry_sdk.utils import format_timestamp

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #51a7683554f35314 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/sessions.py:92
        client_options = sentry_sdk.get_client().options

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #fddfe248d1b6e722 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/spotlight.py:17
from sentry_sdk.envelope import Envelope

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #0791d82a89df3c1c Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/spotlight.py:18
from sentry_sdk.utils import (
    capture_internal_exceptions,
    env_to_bool,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #7842e791ee3335c8 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/spotlight.py:22
from sentry_sdk.utils import (
    logger as sentry_logger,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #c65fde79ea62abc5 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/spotlight.py:121
            import sentry_sdk.api

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #1cc33f4eaa95df29 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/traces.py:17
import sentry_sdk

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #717ab77e44ae3935 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/traces.py:18
from sentry_sdk.consts import SPANDATA

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #c026c41d659c96e9 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/traces.py:19
from sentry_sdk.profiler.continuous_profiler import (
    get_profiler_id,
    try_autostart_continuous_profiler,
    try_profile_lifecycle_trace_start,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #6d8ece6ed8938bf6 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/traces.py:24
from sentry_sdk.tracing_utils import Baggage

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #a072e453924e0454 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/traces.py:25
from sentry_sdk.utils import (
    capture_internal_exceptions,
    format_attribute,
    get_current_thread_meta,
    logger,
    nanosecond_time,
    should_be_treated_as_error,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #ff9b87834f0b8c73 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/traces.py:46
    from sentry_sdk._types import Attributes, AttributeValue, SpanJSON

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #862e12f4b047c8ef Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/traces.py:47
    from sentry_sdk.profiler.continuous_profiler import ContinuousProfile

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #9c198dbdd3b4aecd Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/traces.py:169
    from sentry_sdk.tracing_utils import has_span_streaming_enabled

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #5518f5112a35041d Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/traces.py:171
    client = sentry_sdk.get_client()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #073482855b87517d Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/traces.py:181
    return sentry_sdk.get_current_scope().start_streamed_span(

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #7fc65125f22cbf08 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/traces.py:204
    sentry_sdk.get_isolation_scope().generate_propagation_context(

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #19aec65ec2d8de71 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/traces.py:207
    sentry_sdk.get_current_scope().generate_propagation_context(

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #613e7708c9ed9d9b Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/traces.py:224
    sentry_sdk.get_isolation_scope().set_new_propagation_context()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #a2da378873ac0acb Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/traces.py:225
    sentry_sdk.get_current_scope().set_new_propagation_context()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #8b2aafad04f9a78d Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/traces.py:410
        client = sentry_sdk.get_client()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #a01852c62f4e9f9e Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/traces.py:577
        client = sentry_sdk.get_client()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #d8673c3b60ca2130 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/traces.py:674
            client = sentry_sdk.get_client()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #01e91bb1318e1487 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/traces.py:834
    from sentry_sdk.tracing_utils import (
        create_streaming_span_decorator,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #5013df0157e24095 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/traces.py:859
    scope = scope or sentry_sdk.get_current_scope()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #22afe81dea94bb08 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/tracing.py:7
import sentry_sdk

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #96db88400ea63219 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/tracing.py:8
from sentry_sdk.consts import INSTRUMENTER, SPANDATA, SPANSTATUS, SPANTEMPLATE

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #b381fb4398a5db1f Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/tracing.py:9
from sentry_sdk.profiler.continuous_profiler import get_profiler_id

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #61527e5645d4dc7c Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/tracing.py:10
from sentry_sdk.utils import (
    capture_internal_exceptions,
    get_current_thread_meta,
    is_valid_sample_rate,
    logger,
    nanosecond_time,
    should_be_treated_as_error,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #c88158c2d0b2babd Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/tracing.py:39
    from sentry_sdk._types import (
        Event,
        MeasurementUnit,
        MeasurementValue,
        SamplingContext,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #cb596b726bbd7a2e Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/tracing.py:45
    from sentry_sdk.profiler.continuous_profiler import ContinuousProfile

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #ae5584d37c04c278 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/tracing.py:46
    from sentry_sdk.profiler.transaction_profiler import Profile

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #a5dd38ad393d83f8 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/tracing.py:389
        scope = self.scope or sentry_sdk.get_current_scope()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #cc7fb84c3a9da395 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/tracing.py:439
        configuration_instrumenter = sentry_sdk.get_client().options["instrumenter"]

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #8b1e24377281d68a Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/tracing.py:677
        scope = scope or sentry_sdk.get_current_scope()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #4223473b9ca6250d Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/tracing.py:970
        scope = scope or self.scope or sentry_sdk.get_current_scope()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #c75305faf356e6cf Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/tracing.py:971
        client = sentry_sdk.get_client()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #b0b5afae15ef8723 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/tracing.py:1185
        client = sentry_sdk.get_client()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #981b6ce316efb4ed Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/tracing.py:1451
    from sentry_sdk.tracing_utils import create_span_decorator

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #b428a212095659f6 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/tracing.py:1468
from sentry_sdk.tracing_utils import (
    Baggage,
    EnvironHeaders,
    _generate_sample_rand,
    extract_sentrytrace_data,
    has_tracing_enabled,
    maybe_create_breadcrumbs_from_span,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #bfa7e7c811b4763c Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/tracing_utils.py:22
import sentry_sdk

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #1b7ad5b071712457 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/tracing_utils.py:23
from sentry_sdk.consts import OP, SPANDATA, SPANTEMPLATE

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #504047004a9b7f65 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/tracing_utils.py:24
from sentry_sdk.utils import (
    _is_external_source,
    _is_in_project_root,
    _module_in_list,
    capture_internal_exceptions,
    filename_for_module,
    is_sentry_url,
    is_valid_sample_rate,
    logger,
    match_regex_list,
    qualname_from_function,
    safe_repr,
    to_string,
    try_convert,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #982dd883f6507172 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/tracing_utils.py:44
    from sentry_sdk._types import Attributes

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #581d479f98ada9d4 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/tracing_utils.py:140
    client = sentry_sdk.get_client()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #1be48dc9cd3ebd80 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/tracing_utils.py:164
        sentry_sdk.add_breadcrumb(message=query, category="query", data=data)

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #cdc0b9e40e7a615e Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/tracing_utils.py:183
        with sentry_sdk.start_span(
            op=span_op_override_value if span_op_override_value is not None else OP.DB,
            name=query,
            origin=span_origin,
        ) as span:

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #f6f513094267a671 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/tracing_utils.py:345
    client = sentry_sdk.get_client()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #bdf603a13dbe5768 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/tracing_utils.py:391
    client = sentry_sdk.get_client()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #bb82d69aa33565a6 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/tracing_utils.py:777
        client = sentry_sdk.get_client()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #9bd3a213e0bdfe1e Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/tracing_utils.py:810
        client = sentry_sdk.get_client()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #c1cbc6cd76e99e5d Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/tracing_utils.py:858
        client = sentry_sdk.get_client()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #a0d28823155a4dc0 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/tracing_utils.py:1006
    from sentry_sdk.scope import should_send_default_pii

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #58f02e8af23e3313 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/tracing_utils.py:1130
            client = sentry_sdk.get_client()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #f6c50a0486ce33b9 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/tracing_utils.py:1153
            client = sentry_sdk.get_client()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #46dc375bed617776 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/tracing_utils.py:1187
    scope = scope or sentry_sdk.get_current_scope()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #ef4dd5b5b61b5f12 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/tracing_utils.py:1491
    client = sentry_sdk.get_client()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #5f7b83c6be239ff3 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/tracing_utils.py:1554
    client = sentry_sdk.get_client()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #a7b21064455e6f8e Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/tracing_utils.py:1649
    client = sentry_sdk.get_client()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #7b58e8d5ddc3904e Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/tracing_utils.py:1693
from sentry_sdk.traces import (
    LOW_QUALITY_SEGMENT_SOURCES,
    StreamedSpan,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #684a4c6b1067649c Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/tracing_utils.py:1697
from sentry_sdk.traces import (
    start_span as start_streaming_span,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #5fb825a7bb147910 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/tracing_utils.py:1700
from sentry_sdk.tracing import (
    BAGGAGE_HEADER_NAME,
    LOW_QUALITY_TRANSACTION_SOURCES,
    SENTRY_TRACE_HEADER_NAME,
    Span,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #b29ca1c847216da6 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/tracing_utils.py:1708
    from sentry_sdk.tracing import Span

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #998aec6720891278 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/transport.py:45
import sentry_sdk

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #5a256b3378742d43 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/transport.py:46
from sentry_sdk.consts import EndpointType

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #6fae7cf8d8450ebc Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/transport.py:47
from sentry_sdk.envelope import Envelope, Item, PayloadRef

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #38704cdc498395ef Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/transport.py:48
from sentry_sdk.utils import (
    Dsn,
    capture_internal_exceptions,
    logger,
    mark_sentry_task_internal,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #98755b3935d6dbcc Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/transport.py:54
from sentry_sdk.worker import AsyncWorker, BackgroundWorker, Worker

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #292913fc822538ca Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/transport.py:72
    from sentry_sdk._types import Event, EventDataCategory

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #86b5d346c2e80478 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/transport.py:220
        from sentry_sdk.consts import VERSION

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #e3838b1abfe257e1 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/types.py:15
    from sentry_sdk._types import (
        Breadcrumb,
        BreadcrumbHint,
        Event,
        EventDataCategory,
        Hint,
        Log,
        Metric,
        MonitorConfig,
        SamplingContext,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #f46c7721bb3b7e59 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/utils.py:31
import sentry_sdk

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #576e213a7b2e6a12 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/utils.py:32
from sentry_sdk._compat import PY37

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #7cc07ce9db0cfa71 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/utils.py:33
from sentry_sdk._types import SENSITIVE_DATA_SUBSTITUTE, Annotated, AnnotatedValue

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #2b495b8c8728242d Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/utils.py:34
from sentry_sdk.consts import (
    DEFAULT_ADD_FULL_STACK,
    DEFAULT_MAX_STACK_FRAMES,
    EndpointType,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #aa324f0e559eb5d7 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/utils.py:64
    from sentry_sdk._types import (
        AttributeValue,
        Event,
        ExcInfo,
        Hint,
        Log,
        Metric,
        SerializedAttributeValue,
        SpanJSON,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #e1b5863eff399ec5 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/utils.py:240
    if sentry_sdk.get_client().is_active():

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #679b0ab460474eeb Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/utils.py:616
        from sentry_sdk.serializer import serialize

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #faaa08294d48953e Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/utils.py:1540
        client = sentry_sdk.get_client()

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #c0f6489639beac5e Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/utils.py:1546
        sentry_sdk.capture_event(event, hint=hint)

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #7c674e929a9c7f4c Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/utils.py:1883
            if sentry_sdk.get_client().get_integration(integration) is None:

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #6a15421ef411b99c Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/worker.py:8
from sentry_sdk._queue import FullError, Queue

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #73d6cfd2e20ca39d Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/worker.py:9
from sentry_sdk.consts import DEFAULT_QUEUE_SIZE

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #cffe1ed8d4f7470b Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/sentry_sdk/worker.py:10
from sentry_sdk.utils import logger, mark_sentry_task_internal

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

expand_more 57 low-confidence finding(s)
low env_fs dependency Excluded from app score #a3c3e8cb919a7979 Environment-variable access.
pkgs/python/[email protected]/sentry_sdk/client.py:324
        rv["dsn"] = os.environ.get("SENTRY_DSN")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #31f18618d86cb23a Environment-variable access.
pkgs/python/[email protected]/sentry_sdk/client.py:330
        rv["environment"] = os.environ.get("SENTRY_ENVIRONMENT") or "production"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f9bb13df6686017a Environment-variable access.
pkgs/python/[email protected]/sentry_sdk/client.py:333
        rv["debug"] = env_to_bool(os.environ.get("SENTRY_DEBUG"), strict=True) or False

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #955412773db40f23 Environment-variable access.
pkgs/python/[email protected]/sentry_sdk/client.py:369
            env_to_bool(os.environ.get("SENTRY_KEEP_ALIVE"), strict=True) or False

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #d96fe54833159352 Filesystem access.
pkgs/python/[email protected]/sentry_sdk/envelope.py:177
                    with open(self.path, "rb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #dea74a3b88358955 Environment-variable access.
pkgs/python/[email protected]/sentry_sdk/integrations/aws_lambda.py:472
    region = environ.get("AWS_REGION", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #470347ab7f7bd89b Environment-variable access.
pkgs/python/[email protected]/sentry_sdk/integrations/gcp.py:50
        configured_time = environ.get("FUNCTION_TIMEOUT_SEC")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #2aac2d3959e31e32 Environment-variable access.
pkgs/python/[email protected]/sentry_sdk/integrations/gcp.py:69
                scope.set_tag("gcp_region", environ.get("FUNCTION_REGION"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #8672605cd51b4f9e Environment-variable access.
pkgs/python/[email protected]/sentry_sdk/integrations/gcp.py:110
                    "function_name": environ.get("FUNCTION_NAME"),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #801621de56777c1f Environment-variable access.
pkgs/python/[email protected]/sentry_sdk/integrations/gcp.py:111
                    "function_entry_point": environ.get("ENTRY_POINT"),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #495d5df5cdb8aaae Environment-variable access.
pkgs/python/[email protected]/sentry_sdk/integrations/gcp.py:112
                    "function_identity": environ.get("FUNCTION_IDENTITY"),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #6de8b7ce2ef3b9c5 Environment-variable access.
pkgs/python/[email protected]/sentry_sdk/integrations/gcp.py:113
                    "function_region": environ.get("FUNCTION_REGION"),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #ce5378843a956990 Environment-variable access.
pkgs/python/[email protected]/sentry_sdk/integrations/gcp.py:114
                    "function_project": environ.get("GCP_PROJECT"),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #716d2ca696eef1c5 Environment-variable access.
pkgs/python/[email protected]/sentry_sdk/integrations/gcp.py:119
            function_name = environ.get("FUNCTION_NAME", "<unknown GCP function>")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #01d439805200b9ad Environment-variable access.
pkgs/python/[email protected]/sentry_sdk/integrations/gcp.py:121
            if environ.get("GCP_PROJECT"):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #75080aee780a531b Environment-variable access.
pkgs/python/[email protected]/sentry_sdk/integrations/gcp.py:122
                additional_attributes["gcp.project.id"] = environ.get("GCP_PROJECT")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #655fc0ab86583548 Environment-variable access.
pkgs/python/[email protected]/sentry_sdk/integrations/gcp.py:124
            if environ.get("FUNCTION_IDENTITY"):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #876142d884fcb94c Environment-variable access.
pkgs/python/[email protected]/sentry_sdk/integrations/gcp.py:125
                additional_attributes["faas.identity"] = environ.get(

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #3ce5bdd4c708c43d Environment-variable access.
pkgs/python/[email protected]/sentry_sdk/integrations/gcp.py:125
                additional_attributes["faas.identity"] = environ.get(
                    "FUNCTION_IDENTITY"
                )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #63e38cb1686ea23b Environment-variable access.
pkgs/python/[email protected]/sentry_sdk/integrations/gcp.py:129
            if environ.get("ENTRY_POINT"):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #be1bfc1fa3606ee7 Environment-variable access.
pkgs/python/[email protected]/sentry_sdk/integrations/gcp.py:130
                additional_attributes["faas.entry_point"] = environ.get("ENTRY_POINT")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #b9d606cdcbd1e153 Environment-variable access.
pkgs/python/[email protected]/sentry_sdk/integrations/gcp.py:152
                    name=environ.get("FUNCTION_NAME", ""),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #4cd399c7e959b14a Environment-variable access.
pkgs/python/[email protected]/sentry_sdk/integrations/gcp.py:217
            "function_name": environ.get("FUNCTION_NAME"),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #be81af07d935ccd2 Environment-variable access.
pkgs/python/[email protected]/sentry_sdk/integrations/gcp.py:218
            "function_entry_point": environ.get("ENTRY_POINT"),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #739ec33fb5d86468 Environment-variable access.
pkgs/python/[email protected]/sentry_sdk/integrations/gcp.py:219
            "function_identity": environ.get("FUNCTION_IDENTITY"),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #9db45ae86d14bf28 Environment-variable access.
pkgs/python/[email protected]/sentry_sdk/integrations/gcp.py:220
            "function_region": environ.get("FUNCTION_REGION"),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #2a95401d23308d77 Environment-variable access.
pkgs/python/[email protected]/sentry_sdk/integrations/gcp.py:221
            "function_project": environ.get("GCP_PROJECT"),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #5729de74956ec174 Environment-variable access.
pkgs/python/[email protected]/sentry_sdk/integrations/gcp.py:232
        request["url"] = "gcp:///{}".format(environ.get("FUNCTION_NAME"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #7d0bc4efeab0470e Environment-variable access.
pkgs/python/[email protected]/sentry_sdk/integrations/gcp.py:279
        project=environ.get("GCP_PROJECT"),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #2ae469fcd6f39061 Environment-variable access.
pkgs/python/[email protected]/sentry_sdk/integrations/gcp.py:280
        function_name=environ.get("FUNCTION_NAME"),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #e4e23894721bfca9 Environment-variable access.
pkgs/python/[email protected]/sentry_sdk/integrations/gcp.py:281
        region=environ.get("FUNCTION_REGION"),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #63dcd0566f8502cd Environment-variable access.
pkgs/python/[email protected]/sentry_sdk/integrations/stdlib.py:330
                        lambda x: dict(x if x is not None else os.environ),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #55fbebfe9b0bce94 Environment-variable access.
pkgs/python/[email protected]/sentry_sdk/integrations/stdlib.py:404
    return EnvironHeaders(os.environ, prefix="SUBPROCESS_")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #35c3bfb12949702d Environment-variable access.
pkgs/python/[email protected]/sentry_sdk/scope.py:534
            os.environ.get("SENTRY_USE_ENVIRONMENT") or ""

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #7a87096b5edf194b Environment-variable access.
pkgs/python/[email protected]/sentry_sdk/scope.py:540
            if os.environ.get("SENTRY_TRACE"):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #7535ce22b1edac3e Environment-variable access.
pkgs/python/[email protected]/sentry_sdk/scope.py:542
                    os.environ.get("SENTRY_TRACE") or ""

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #d04711b347195357 Environment-variable access.
pkgs/python/[email protected]/sentry_sdk/scope.py:545
            if os.environ.get("SENTRY_BAGGAGE"):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #01449a832f7b269b Environment-variable access.
pkgs/python/[email protected]/sentry_sdk/scope.py:547
                    os.environ.get("SENTRY_BAGGAGE") or ""

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #291741b1ea37a396 Environment-variable access.
pkgs/python/[email protected]/sentry_sdk/spotlight.py:243
    spotlight_env_value = os.environ.get("SENTRY_SPOTLIGHT")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #e89cce1d209460d7 Environment-variable access.
pkgs/python/[email protected]/sentry_sdk/spotlight.py:314
            and env_to_bool(os.environ.get("SENTRY_SPOTLIGHT_ON_ERROR", "1"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #a04b88096cb382d5 Environment-variable access.
pkgs/python/[email protected]/sentry_sdk/spotlight.py:315
            and env_to_bool(os.environ.get("SENTRY_SPOTLIGHT_MIDDLEWARE", "1"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #8e9b37a90cd90bfb Environment-variable access.
pkgs/python/[email protected]/sentry_sdk/transport.py:570
            or os.environ.get("SSL_CERT_FILE")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #5ad7702f93d59146 Environment-variable access.
pkgs/python/[email protected]/sentry_sdk/transport.py:571
            or os.environ.get("REQUESTS_CA_BUNDLE")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #73f65fe660b58501 Environment-variable access.
pkgs/python/[email protected]/sentry_sdk/transport.py:574
        cert_file = self.options["cert_file"] or os.environ.get("CLIENT_CERT_FILE")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #2e9c92d1f42997dd Environment-variable access.
pkgs/python/[email protected]/sentry_sdk/transport.py:575
        key_file = self.options["key_file"] or os.environ.get("CLIENT_KEY_FILE")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #4cfc2818d3602211 Environment-variable access.
pkgs/python/[email protected]/sentry_sdk/transport.py:771
            or os.environ.get("SSL_CERT_FILE")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #fe7da6b367033448 Environment-variable access.
pkgs/python/[email protected]/sentry_sdk/transport.py:772
            or os.environ.get("REQUESTS_CA_BUNDLE")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #4993fee2c27517d0 Environment-variable access.
pkgs/python/[email protected]/sentry_sdk/transport.py:776
        options["cert_file"] = self.options["cert_file"] or os.environ.get(

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #65135ce58c669103 Environment-variable access.
pkgs/python/[email protected]/sentry_sdk/transport.py:776
        options["cert_file"] = self.options["cert_file"] or os.environ.get(
            "CLIENT_CERT_FILE"
        )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f038fc39fefd85d2 Environment-variable access.
pkgs/python/[email protected]/sentry_sdk/transport.py:779
        options["key_file"] = self.options["key_file"] or os.environ.get(

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #2376f7c7f77c9c91 Environment-variable access.
pkgs/python/[email protected]/sentry_sdk/transport.py:779
        options["key_file"] = self.options["key_file"] or os.environ.get(
            "CLIENT_KEY_FILE"
        )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #bc4962ba34d582e8 Environment-variable access.
pkgs/python/[email protected]/sentry_sdk/transport.py:1250
    if transport is not None and os.environ.get(

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #002a2849913f6981 Environment-variable access.
pkgs/python/[email protected]/sentry_sdk/transport.py:1250
    if transport is not None and os.environ.get(
        "SENTRY_PRINT_ENVELOPES", ""
    ).lower() in ("1", "true", "yes"):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #3909a80a135cb877 Filesystem access.
pkgs/python/[email protected]/sentry_sdk/utils.py:123
        with open(os.path.devnull, "w+") as null:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #9a9075c9e6ebefcb Environment-variable access.
pkgs/python/[email protected]/sentry_sdk/utils.py:150
    release = os.environ.get("SENTRY_RELEASE")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #fe84f036af5e51ee Environment-variable access.
pkgs/python/[email protected]/sentry_sdk/utils.py:167
        release = os.environ.get(var)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #0d1f2449c6be5dad Filesystem access.
pkgs/python/[email protected]/setup.py:19
    with open(os.path.join(here, file_name)) as in_file:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

opentelemetry-sdk

python dependency
medium telemetry dependency Excluded from app score #883903fe329915ec Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/_configuration/__init__.py:20
from opentelemetry._logs import set_logger_provider

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #9aaeaceb91d158fd Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/_configuration/__init__.py:21
from opentelemetry.environment_variables import (
    OTEL_LOGS_EXPORTER,
    OTEL_METRICS_EXPORTER,
    OTEL_PYTHON_ID_GENERATOR,
    OTEL_TRACES_EXPORTER,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #a076287ceb414b88 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/_configuration/__init__.py:27
from opentelemetry.metrics import set_meter_provider

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #b0a2071d3c6a6fc2 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/_configuration/__init__.py:28
from opentelemetry.sdk._logs import (
    LoggerProvider,
    LoggingHandler,
    LogRecordProcessor,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #1ffa781a624be424 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/_configuration/__init__.py:33
from opentelemetry.sdk._logs._internal import _LoggerConfiguratorT

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #396405b5612de5b9 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/_configuration/__init__.py:34
from opentelemetry.sdk._logs.export import (
    BatchLogRecordProcessor,
    LogRecordExporter,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #e366204f93b6a83f Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/_configuration/__init__.py:38
from opentelemetry.sdk.environment_variables import (
    _OTEL_PYTHON_LOGGING_AUTO_INSTRUMENTATION_ENABLED,
    OTEL_CONFIG_FILE,
    OTEL_EXPORTER_OTLP_LOGS_PROTOCOL,
    OTEL_EXPORTER_OTLP_METRICS_PROTOCOL,
    OTEL_EXPORTER_OTLP_PROTOCOL,
    OTEL_EXPORTER_OTLP_TRACES_PROTOCOL,
    OTEL_PYTHON_LOGGER_CONFIGURATOR,
    OTEL_PYTHON_METER_CONFIGURATOR,
    OTEL_PYTHON_TRACER_CONFIGURATOR,
    OTEL_TRACES_SAMPLER,
    OTEL_TRACES_SAMPLER_ARG,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #6cd58864fdf45d9c Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/_configuration/__init__.py:51
from opentelemetry.sdk.metrics import MeterProvider

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #6295f20261acb92f Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/_configuration/__init__.py:52
from opentelemetry.sdk.metrics._internal import _MeterConfiguratorT

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #eab49402464be906 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/_configuration/__init__.py:53
from opentelemetry.sdk.metrics.export import (
    MetricExporter,
    MetricReader,
    PeriodicExportingMetricReader,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #1b385596ef8ba8aa Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/_configuration/__init__.py:58
from opentelemetry.sdk.resources import Attributes, Resource

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #46485f2560c0e8aa Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/_configuration/__init__.py:59
from opentelemetry.sdk.trace import (
    SpanProcessor,
    TracerProvider,
    _TracerConfiguratorT,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #e06afece14fb31a1 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/_configuration/__init__.py:64
from opentelemetry.sdk.trace.export import BatchSpanProcessor, SpanExporter

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #082b54697308a2a0 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/_configuration/__init__.py:65
from opentelemetry.sdk.trace.id_generator import IdGenerator

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #7f46e7f01cdc48fa Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/_configuration/__init__.py:66
from opentelemetry.sdk.trace.sampling import Sampler

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #eb6b162bab1de290 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/_configuration/__init__.py:67
from opentelemetry.semconv.resource import ResourceAttributes

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #69fb8030b0f0a5de Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/_configuration/__init__.py:68
from opentelemetry.trace import set_tracer_provider

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #16aa49448c33ff42 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/_configuration/__init__.py:69
from opentelemetry.util._importlib_metadata import entry_points

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #b84ff0661945a2d6 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/_configuration/__init__.py:324
        from opentelemetry._events import (  # noqa: PLC0415
            set_event_logger_provider,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #e77936956c52edcc Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/_configuration/__init__.py:327
        from opentelemetry.sdk._events import (  # noqa: PLC0415
            EventLoggerProvider,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #85798dbbe422e803 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/_configuration/__init__.py:729
            from opentelemetry.sdk._configuration._sdk import (  # noqa: PLC0415
                configure_sdk,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #c8e22e6b4fc64d23 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/_configuration/__init__.py:732
            from opentelemetry.sdk._configuration.file._loader import (  # noqa: PLC0415
                load_config_file,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #1a4b45f4df2aaf19 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/_configuration/_common.py:12
from opentelemetry.sdk._configuration._exceptions import ConfigurationError

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #db32e372527ebf52 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/_configuration/_common.py:13
from opentelemetry.util._importlib_metadata import entry_points

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #631165881c1ab706 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/_configuration/_logger_provider.py:8
from opentelemetry._logs import set_logger_provider

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #4a9bdb1d3fa44db7 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/_configuration/_logger_provider.py:9
from opentelemetry.sdk._configuration._common import (
    _map_compression,
    _parse_headers,
    load_entry_point,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #e07c2ca7f8a23945 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/_configuration/_logger_provider.py:14
from opentelemetry.sdk._configuration._exceptions import ConfigurationError

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #8c4c4c6eeaaccab9 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/_configuration/_logger_provider.py:15
from opentelemetry.sdk._configuration.models import (
    BatchLogRecordProcessor as BatchLogRecordProcessorConfig,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #0729f56030e766e0 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/_configuration/_logger_provider.py:18
from opentelemetry.sdk._configuration.models import (
    LoggerProvider as LoggerProviderConfig,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #6c7348f71a8455a3 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/_configuration/_logger_provider.py:21
from opentelemetry.sdk._configuration.models import (
    LogRecordExporter as LogRecordExporterConfig,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #345311d11443c99b Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/_configuration/_logger_provider.py:24
from opentelemetry.sdk._configuration.models import (
    LogRecordProcessor as LogRecordProcessorConfig,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #97d9c3501967d8ae Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/_configuration/_logger_provider.py:27
from opentelemetry.sdk._configuration.models import (
    OtlpGrpcExporter as OtlpGrpcExporterConfig,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #0a6d49740388223f Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/_configuration/_logger_provider.py:30
from opentelemetry.sdk._configuration.models import (
    OtlpHttpExporter as OtlpHttpExporterConfig,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #ec48aa1e1cec3a70 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/_configuration/_logger_provider.py:33
from opentelemetry.sdk._configuration.models import (
    SimpleLogRecordProcessor as SimpleLogRecordProcessorConfig,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #2a58ee61ea2f9fb0 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/_configuration/_logger_provider.py:36
from opentelemetry.sdk._logs import LoggerProvider

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #5e59e91d8e9ea372 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/_configuration/_logger_provider.py:37
from opentelemetry.sdk._logs._internal.export import (
    BatchLogRecordProcessor,
    ConsoleLogRecordExporter,
    LogRecordExporter,
    SimpleLogRecordProcessor,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #f9a0cd93796ec6b8 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/_configuration/_logger_provider.py:43
from opentelemetry.sdk.resources import Resource

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #898a4c692c369624 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/_configuration/_logger_provider.py:65
        from opentelemetry.exporter.otlp.proto.http import (  # type: ignore[import-untyped]  # noqa: PLC0415
            Compression,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #d5ca82a734cac4d0 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/_configuration/_logger_provider.py:68
        from opentelemetry.exporter.otlp.proto.http._log_exporter import (  # type: ignore[import-untyped]  # noqa: PLC0415
            OTLPLogExporter,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #331de2a4568c4c22 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/_configuration/_logger_provider.py:99
        from opentelemetry.exporter.otlp.proto.grpc._log_exporter import (  # type: ignore[import-untyped]  # noqa: PLC0415
            OTLPLogExporter,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #2ccce06157088b50 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/_configuration/_meter_provider.py:8
from opentelemetry import metrics

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #f46fa703cd044f3c Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/_configuration/_meter_provider.py:9
from opentelemetry.sdk._configuration._common import (
    _map_compression,
    _parse_headers,
    load_entry_point,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #ac478be116d4a9c1 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/_configuration/_meter_provider.py:14
from opentelemetry.sdk._configuration._exceptions import ConfigurationError

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #bdc8eba2d3106661 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/_configuration/_meter_provider.py:15
from opentelemetry.sdk._configuration.models import (
    Aggregation as AggregationConfig,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #98bdadf55a019a5f Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/_configuration/_meter_provider.py:18
from opentelemetry.sdk._configuration.models import (
    ConsoleMetricExporter as ConsoleMetricExporterConfig,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #0d1aafbaafb55c4c Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/_configuration/_meter_provider.py:21
from opentelemetry.sdk._configuration.models import (
    ExemplarFilter as ExemplarFilterConfig,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #b676f8d3c1bc27f9 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/_configuration/_meter_provider.py:24
from opentelemetry.sdk._configuration.models import (
    ExperimentalPrometheusMetricExporter as PrometheusMetricExporterConfig,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #43aa809b5581c602 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/_configuration/_meter_provider.py:27
from opentelemetry.sdk._configuration.models import (
    ExporterDefaultHistogramAggregation,
    ExporterTemporalityPreference,
    InstrumentType,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #5786c1e471b57f21 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/_configuration/_meter_provider.py:32
from opentelemetry.sdk._configuration.models import (
    MeterProvider as MeterProviderConfig,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #554f782db86a717e Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/_configuration/_meter_provider.py:35
from opentelemetry.sdk._configuration.models import (
    MetricReader as MetricReaderConfig,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #2c7a3e557f89b44a Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/_configuration/_meter_provider.py:38
from opentelemetry.sdk._configuration.models import (
    OtlpGrpcMetricExporter as OtlpGrpcMetricExporterConfig,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #f41ee90eecb0e5d0 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/_configuration/_meter_provider.py:41
from opentelemetry.sdk._configuration.models import (
    OtlpHttpMetricExporter as OtlpHttpMetricExporterConfig,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #fbb44ed6b1723ad3 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/_configuration/_meter_provider.py:44
from opentelemetry.sdk._configuration.models import (
    PeriodicMetricReader as PeriodicMetricReaderConfig,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #ac4ff24347fb96b0 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/_configuration/_meter_provider.py:47
from opentelemetry.sdk._configuration.models import (
    PullMetricExporter as PullMetricExporterConfig,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #a0e3af441478a3bb Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/_configuration/_meter_provider.py:50
from opentelemetry.sdk._configuration.models import (
    PullMetricReader as PullMetricReaderConfig,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #f06afec9d5b9028c Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/_configuration/_meter_provider.py:53
from opentelemetry.sdk._configuration.models import (
    PushMetricExporter as PushMetricExporterConfig,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #cefc192ff55dc6b6 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/_configuration/_meter_provider.py:56
from opentelemetry.sdk._configuration.models import (
    View as ViewConfig,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #97b666b8a6f4d9b9 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/_configuration/_meter_provider.py:59
from opentelemetry.sdk.metrics import (
    AlwaysOffExemplarFilter,
    AlwaysOnExemplarFilter,
    Counter,
    Histogram,
    MeterProvider,
    ObservableCounter,
    ObservableGauge,
    ObservableUpDownCounter,
    TraceBasedExemplarFilter,
    UpDownCounter,
    _Gauge,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #d42d8cdcaa6381cd Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/_configuration/_meter_provider.py:72
from opentelemetry.sdk.metrics.export import (
    AggregationTemporality,
    ConsoleMetricExporter,
    MetricExporter,
    MetricReader,
    PeriodicExportingMetricReader,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #729cecd584c8f606 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/_configuration/_meter_provider.py:79
from opentelemetry.sdk.metrics.view import (
    Aggregation,
    DefaultAggregation,
    DropAggregation,
    ExplicitBucketHistogramAggregation,
    ExponentialBucketHistogramAggregation,
    LastValueAggregation,
    SumAggregation,
    View,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #78eab30ca6f52951 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/_configuration/_meter_provider.py:89
from opentelemetry.sdk.resources import Resource

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #b391310f1910017b Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/_configuration/_meter_provider.py:275
        from opentelemetry.exporter.otlp.proto.http import (  # type: ignore[import-untyped]  # noqa: PLC0415
            Compression,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #8ece8b257401e861 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/_configuration/_meter_provider.py:278
        from opentelemetry.exporter.otlp.proto.http.metric_exporter import (  # type: ignore[import-untyped]  # noqa: PLC0415
            OTLPMetricExporter,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #8c9fd00557693b0d Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/_configuration/_meter_provider.py:315
        from opentelemetry.exporter.otlp.proto.grpc.metric_exporter import (  # type: ignore[import-untyped]  # noqa: PLC0415
            OTLPMetricExporter,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #477ff7118a34978b Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/_configuration/_meter_provider.py:415
        from opentelemetry.exporter.prometheus import (  # type: ignore[import-untyped]  # noqa: PLC0415
            PrometheusMetricReader,
            start_http_server,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #8e436ccd2bc42763 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/_configuration/_propagator.py:6
from opentelemetry.baggage.propagation import W3CBaggagePropagator

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #a9a04e2d0018cefd Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/_configuration/_propagator.py:7
from opentelemetry.propagate import set_global_textmap

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #f668abc91a398078 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/_configuration/_propagator.py:8
from opentelemetry.propagators.composite import CompositePropagator

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #bf623b8da38e7033 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/_configuration/_propagator.py:9
from opentelemetry.propagators.textmap import TextMapPropagator

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #66c6917890266617 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/_configuration/_propagator.py:10
from opentelemetry.sdk._configuration._common import load_entry_point

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #7579856e1951c566 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/_configuration/_propagator.py:11
from opentelemetry.sdk._configuration.models import (
    Propagator as PropagatorConfig,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #1ed21c102028d91d Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/_configuration/_propagator.py:14
from opentelemetry.sdk._configuration.models import (
    TextMapPropagator as TextMapPropagatorConfig,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #64805da09dbb5da8 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/_configuration/_propagator.py:17
from opentelemetry.trace.propagation.tracecontext import (
    TraceContextTextMapPropagator,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #06804958dd8fef2b Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/_configuration/_resource.py:14
from opentelemetry.sdk._configuration._common import load_entry_point

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #134e8caaa1ed317b Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/_configuration/_resource.py:15
from opentelemetry.sdk._configuration.models import (
    AttributeNameValue,
    AttributeType,
    ExperimentalResourceDetector,
    IncludeExclude,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #64e2c675ce9e18f7 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/_configuration/_resource.py:21
from opentelemetry.sdk._configuration.models import Resource as ResourceConfig

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #6a64819bd6c34690 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/_configuration/_resource.py:22
from opentelemetry.sdk.resources import (
    _DEFAULT_RESOURCE,
    OTEL_SERVICE_NAME,
    SERVICE_NAME,
    ProcessResourceDetector,
    Resource,
    ServiceInstanceIdResourceDetector,
    _HostResourceDetector,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #953c14153a7bc5a5 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/_configuration/_resource.py:31
from opentelemetry.util.types import AttributeValue

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #eb6a9f3c21c21d45 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/_configuration/_sdk.py:15
from opentelemetry.sdk._configuration._logger_provider import (
    configure_logger_provider,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #a231a68499982fb9 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/_configuration/_sdk.py:18
from opentelemetry.sdk._configuration._meter_provider import (
    configure_meter_provider,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #7e3c27c3a101daf9 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/_configuration/_sdk.py:21
from opentelemetry.sdk._configuration._propagator import configure_propagator

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #442889d841835856 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/_configuration/_sdk.py:22
from opentelemetry.sdk._configuration._resource import create_resource

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #e8dcf5d4430d78fc Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/_configuration/_sdk.py:23
from opentelemetry.sdk._configuration._tracer_provider import (
    configure_tracer_provider,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #592f7bf20fbaeabf Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/_configuration/_sdk.py:26
from opentelemetry.sdk._configuration.models import OpenTelemetryConfiguration

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #923d5ace195f1482 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/_configuration/_tracer_provider.py:8
from opentelemetry import trace

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #516a18054d90ff32 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/_configuration/_tracer_provider.py:9
from opentelemetry.sdk._configuration._common import (
    _map_compression,
    _parse_headers,
    load_entry_point,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #274ae632bb165dc0 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/_configuration/_tracer_provider.py:14
from opentelemetry.sdk._configuration._exceptions import ConfigurationError

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #332683e3ed972400 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/_configuration/_tracer_provider.py:15
from opentelemetry.sdk._configuration.models import (
    ExperimentalComposableRuleBasedSampler as RuleBasedSamplerConfig,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #7886aa975cda074b Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/_configuration/_tracer_provider.py:18
from opentelemetry.sdk._configuration.models import (
    ExperimentalComposableRuleBasedSamplerRule as RuleBasedSamplerRuleConfig,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #755295f85bbfa3f1 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/_configuration/_tracer_provider.py:21
from opentelemetry.sdk._configuration.models import (
    ExperimentalComposableSampler as ComposableSamplerConfig,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #0d3aef91286aac5c Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/_configuration/_tracer_provider.py:24
from opentelemetry.sdk._configuration.models import (
    OtlpGrpcExporter as OtlpGrpcExporterConfig,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #93b5b37a46c2393d Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/_configuration/_tracer_provider.py:27
from opentelemetry.sdk._configuration.models import (
    OtlpHttpExporter as OtlpHttpExporterConfig,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #d3e19584e2f84e15 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/_configuration/_tracer_provider.py:30
from opentelemetry.sdk._configuration.models import (
    ParentBasedSampler as ParentBasedSamplerConfig,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #f2497209e569f6cb Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/_configuration/_tracer_provider.py:33
from opentelemetry.sdk._configuration.models import (
    Sampler as SamplerConfig,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #d5418c15f800c44f Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/_configuration/_tracer_provider.py:36
from opentelemetry.sdk._configuration.models import (
    SpanExporter as SpanExporterConfig,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #f565dc7bd5d7f036 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/_configuration/_tracer_provider.py:39
from opentelemetry.sdk._configuration.models import (
    SpanLimits as SpanLimitsConfig,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #e6eb830952e088fe Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/_configuration/_tracer_provider.py:42
from opentelemetry.sdk._configuration.models import (
    SpanProcessor as SpanProcessorConfig,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #f15d96bcb3cc2d9b Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/_configuration/_tracer_provider.py:45
from opentelemetry.sdk._configuration.models import (
    TracerProvider as TracerProviderConfig,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #4a7bbfc71f0f2355 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/_configuration/_tracer_provider.py:48
from opentelemetry.sdk.resources import Resource

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #5f13770b4a0555e9 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/_configuration/_tracer_provider.py:49
from opentelemetry.sdk.trace import (
    _DEFAULT_OTEL_EVENT_ATTRIBUTE_COUNT_LIMIT,
    _DEFAULT_OTEL_LINK_ATTRIBUTE_COUNT_LIMIT,
    _DEFAULT_OTEL_SPAN_ATTRIBUTE_COUNT_LIMIT,
    _DEFAULT_OTEL_SPAN_EVENT_COUNT_LIMIT,
    _DEFAULT_OTEL_SPAN_LINK_COUNT_LIMIT,
    SpanLimits,
    TracerProvider,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #3faf0f970dc4ec42 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/_configuration/_tracer_provider.py:58
from opentelemetry.sdk.trace._sampling_experimental import (
    ComposableSampler,
    composable_always_off,
    composable_always_on,
    composable_parent_threshold,
    composable_rule_based,
    composable_traceid_ratio_based,
    composite_sampler,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #e824fab66a6aa72e Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/_configuration/_tracer_provider.py:67
from opentelemetry.sdk.trace._sampling_experimental._rule_based import (
    AllPredicate,
    AlwaysMatchPredicate,
    AttributePatternsPredicate,
    AttributeValuesPredicate,
    ParentPredicate,
    PredicateT,
    RulesT,
    SpanKindPredicate,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #4513594489d69765 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/_configuration/_tracer_provider.py:77
from opentelemetry.sdk.trace.export import (
    BatchSpanProcessor,
    ConsoleSpanExporter,
    SimpleSpanProcessor,
    SpanExporter,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #47e4ceedab40e085 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/_configuration/_tracer_provider.py:83
from opentelemetry.sdk.trace.sampling import (
    ALWAYS_OFF,
    ALWAYS_ON,
    ParentBased,
    Sampler,
    TraceIdRatioBased,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #03d383ae827509fd Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/_configuration/_tracer_provider.py:90
from opentelemetry.trace import SpanKind as TraceSpanKind

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #0580fbf362914029 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/_configuration/_tracer_provider.py:104
        from opentelemetry.exporter.otlp.proto.http import (  # type: ignore[import-untyped]  # noqa: PLC0415
            Compression,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #4effe0614589fc76 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/_configuration/_tracer_provider.py:107
        from opentelemetry.exporter.otlp.proto.http.trace_exporter import (  # type: ignore[import-untyped]  # noqa: PLC0415
            OTLPSpanExporter,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #e6f5dd94a72e0ead Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/_configuration/_tracer_provider.py:138
        from opentelemetry.exporter.otlp.proto.grpc.trace_exporter import (  # type: ignore[import-untyped]  # noqa: PLC0415
            OTLPSpanExporter,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #36bffd6d204e8261 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/_configuration/file/__init__.py:16
from opentelemetry.sdk._configuration._exceptions import ConfigurationError

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #23c0f3f7b068927d Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/_configuration/file/__init__.py:17
from opentelemetry.sdk._configuration._logger_provider import (
    configure_logger_provider,
    create_logger_provider,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #109237b59f62cece Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/_configuration/file/__init__.py:21
from opentelemetry.sdk._configuration._meter_provider import (
    configure_meter_provider,
    create_meter_provider,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #a8e9514e22b56ef1 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/_configuration/file/__init__.py:25
from opentelemetry.sdk._configuration._propagator import (
    configure_propagator,
    create_propagator,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #082dfccdc46ccd85 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/_configuration/file/__init__.py:29
from opentelemetry.sdk._configuration._resource import create_resource

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #980df3e05cf7d871 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/_configuration/file/__init__.py:30
from opentelemetry.sdk._configuration._sdk import configure_sdk

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #4a05277b1567246b Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/_configuration/file/__init__.py:31
from opentelemetry.sdk._configuration._tracer_provider import (
    configure_tracer_provider,
    create_tracer_provider,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #4c91f13c7e15b0b6 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/_configuration/file/__init__.py:35
from opentelemetry.sdk._configuration.file._env_substitution import (
    EnvSubstitutionError,
    substitute_env_vars,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #d2e568f70b10bc6e Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/_configuration/file/__init__.py:39
from opentelemetry.sdk._configuration.file._loader import load_config_file

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #c681fdc011b20285 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/_configuration/file/_loader.py:13
from opentelemetry.sdk._configuration._conversion import _dict_to_dataclass

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #bd650aecb978119d Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/_configuration/file/_loader.py:14
from opentelemetry.sdk._configuration._exceptions import ConfigurationError

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #d887590106a08202 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/_configuration/file/_loader.py:15
from opentelemetry.sdk._configuration.file._env_substitution import (
    substitute_env_vars,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #a193afb4cfe1ab6f Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/_configuration/file/_loader.py:18
from opentelemetry.sdk._configuration.models import OpenTelemetryConfiguration

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #724491c581e20bff Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/_configuration/models.py:11
from opentelemetry.sdk._configuration._common import _additional_properties

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #4a3f162a38cf048e Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/_events/__init__.py:9
from opentelemetry import trace

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #7e5a9898d7350067 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/_events/__init__.py:10
from opentelemetry._events import Event

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #0d107d67d383089d Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/_events/__init__.py:11
from opentelemetry._events import EventLogger as APIEventLogger

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #1030246a3a707382 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/_events/__init__.py:12
from opentelemetry._events import EventLoggerProvider as APIEventLoggerProvider

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #6e8911fc8ad87a17 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/_events/__init__.py:13
from opentelemetry._logs import (
    LogRecord,
    NoOpLogger,
    SeverityNumber,
    get_logger_provider,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #585b2f9a19681bbf Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/_events/__init__.py:19
from opentelemetry.sdk._logs import Logger, LoggerProvider

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #555ff1d8b613ee34 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/_events/__init__.py:20
from opentelemetry.util.types import _ExtendedAttributes

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #a705c475d9dd7ae8 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/_logs/__init__.py:4
from opentelemetry.sdk._logs._internal import (
    LogDroppedAttributesWarning,
    Logger,
    LoggerProvider,
    LoggingHandler,
    LogLimits,
    LogRecordDroppedAttributesWarning,
    LogRecordLimits,
    LogRecordProcessor,
    ReadableLogRecord,
    ReadWriteLogRecord,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #7c35203be866178a Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/_logs/_internal/__init__.py:28
from opentelemetry._logs import Logger as APILogger

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #7d4f1a32119d5157 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/_logs/_internal/__init__.py:29
from opentelemetry._logs import LoggerProvider as APILoggerProvider

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #7dec5392e40b776b Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/_logs/_internal/__init__.py:30
from opentelemetry._logs import (
    LogRecord,
    NoOpLogger,
    SeverityNumber,
    get_logger,
    get_logger_provider,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #b29af3fb653c67fd Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/_logs/_internal/__init__.py:37
from opentelemetry.attributes import _VALID_ANY_VALUE_TYPES, BoundedAttributes

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #d07da17928a1e3c6 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/_logs/_internal/__init__.py:38
from opentelemetry.context import get_current

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #fc016d58c82a8587 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/_logs/_internal/__init__.py:39
from opentelemetry.context.context import Context

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #3ad6a6a08be92918 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/_logs/_internal/__init__.py:40
from opentelemetry.metrics import MeterProvider, get_meter_provider

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #6230560ddace07b5 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/_logs/_internal/__init__.py:41
from opentelemetry.sdk._logs._internal._exceptions import (
    _copy_log_record_with_exception,
    _create_log_record_with_exception,
    _set_log_record_exception_attributes,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #1ce04a6f2e77e753 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/_logs/_internal/__init__.py:46
from opentelemetry.sdk._logs._internal._logger_metrics import (
    LoggerMetricsT,
    create_logger_metrics,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #3b23638740b21f8f Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/_logs/_internal/__init__.py:50
from opentelemetry.sdk.environment_variables import (
    OTEL_ATTRIBUTE_COUNT_LIMIT,
    OTEL_ATTRIBUTE_VALUE_LENGTH_LIMIT,
    OTEL_PYTHON_SDK_INTERNAL_METRICS_ENABLED,
    OTEL_SDK_DISABLED,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #57e1e95a8bd412bc Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/_logs/_internal/__init__.py:56
from opentelemetry.sdk.environment_variables._internal import (
    parse_boolean_environment_variable,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #704127d5364de5ee Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/_logs/_internal/__init__.py:59
from opentelemetry.sdk.resources import Resource

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #0af383ec5ff1379a Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/_logs/_internal/__init__.py:60
from opentelemetry.sdk.util import ns_to_iso_str

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #f0b123e4d03621b6 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/_logs/_internal/__init__.py:61
from opentelemetry.sdk.util._configurator import RuleBasedConfigurator

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #1e52df1af4600f0e Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/_logs/_internal/__init__.py:62
from opentelemetry.sdk.util.instrumentation import (
    InstrumentationScope,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #7a73a72e92d92ca5 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/_logs/_internal/__init__.py:65
from opentelemetry.semconv._incubating.attributes import code_attributes

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #f960869e199d4a22 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/_logs/_internal/__init__.py:66
from opentelemetry.semconv.attributes import exception_attributes

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #b84e141ea71bd9df Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/_logs/_internal/__init__.py:67
from opentelemetry.trace import (
    format_span_id,
    format_trace_id,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #738227de6efad289 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/_logs/_internal/__init__.py:71
from opentelemetry.util.types import AnyValue, _ExtendedAttributes

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #52b100209f9aec44 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/_logs/_internal/_exceptions.py:7
from opentelemetry._logs import LogRecord

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #61998c0ff0b62508 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/_logs/_internal/_exceptions.py:8
from opentelemetry.attributes import BoundedAttributes

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #9dbef174d86a91a4 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/_logs/_internal/_exceptions.py:9
from opentelemetry.semconv.attributes import exception_attributes

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #c2754511b62d8ff0 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/_logs/_internal/_exceptions.py:10
from opentelemetry.util.types import AnyValue, _ExtendedAttributes

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #a1df73be70fbde90 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/_logs/_internal/_logger_metrics.py:6
from opentelemetry import metrics as metrics_api

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #dfe615200bde1908 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/_logs/_internal/_logger_metrics.py:7
from opentelemetry.semconv._incubating.metrics.otel_metrics import (
    create_otel_sdk_log_created,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #908e9cbf1e13b47d Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/_logs/_internal/export/__init__.py:15
from opentelemetry.context import (
    _ON_EMIT_RECURSION_COUNT_KEY,
    _SUPPRESS_INSTRUMENTATION_KEY,
    attach,
    detach,
    get_value,
    set_value,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #d5c4359d029637b4 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/_logs/_internal/export/__init__.py:23
from opentelemetry.metrics import MeterProvider, get_meter_provider

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #f081a5c6b6920887 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/_logs/_internal/export/__init__.py:24
from opentelemetry.sdk._logs import (
    LogRecordProcessor,
    ReadableLogRecord,
    ReadWriteLogRecord,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #f8f74ff857f633bd Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/_logs/_internal/export/__init__.py:29
from opentelemetry.sdk._shared_internal import (
    BatchProcessor,
    DuplicateFilter,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #51379b0b1fa31562 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/_logs/_internal/export/__init__.py:33
from opentelemetry.sdk._shared_internal._processor_metrics import (
    create_processor_metrics,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #5f3dc6bc21159509 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/_logs/_internal/export/__init__.py:36
from opentelemetry.sdk.environment_variables import (
    OTEL_BLRP_EXPORT_TIMEOUT,
    OTEL_BLRP_MAX_EXPORT_BATCH_SIZE,
    OTEL_BLRP_MAX_QUEUE_SIZE,
    OTEL_BLRP_SCHEDULE_DELAY,
    OTEL_PYTHON_SDK_INTERNAL_METRICS_ENABLED,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #78607570ddb0c4f0 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/_logs/_internal/export/__init__.py:43
from opentelemetry.sdk.environment_variables._internal import (
    parse_boolean_environment_variable,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #b6b383c2cc832f3f Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/_logs/_internal/export/__init__.py:46
from opentelemetry.sdk.resources import Resource

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #38ba5ec6d5458e36 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/_logs/_internal/export/__init__.py:47
from opentelemetry.semconv._incubating.attributes.otel_attributes import (
    OtelComponentTypeValues,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #1a62bf5376522756 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/_logs/_internal/export/in_memory_log_exporter.py:9
from opentelemetry.sdk._logs import ReadableLogRecord

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #6757877ffc483d78 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/_logs/_internal/export/in_memory_log_exporter.py:10
from opentelemetry.sdk._logs.export import (
    LogRecordExporter,
    LogRecordExportResult,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #ad494b605ff56d75 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/_logs/export/__init__.py:4
from opentelemetry.sdk._logs._internal.export import (
    BatchLogRecordProcessor,
    ConsoleLogExporter,
    ConsoleLogRecordExporter,
    LogExporter,
    LogExportResult,
    LogRecordExporter,
    LogRecordExportResult,
    SimpleLogRecordProcessor,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #7dfbe006ee45835b Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/_logs/export/__init__.py:16
from opentelemetry.sdk._logs._internal.export.in_memory_log_exporter import (
    InMemoryLogExporter,
    InMemoryLogRecordExporter,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #2e1e7cfcec6e535d Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/_shared_internal/__init__.py:21
from opentelemetry.context import (
    _SUPPRESS_INSTRUMENTATION_KEY,
    attach,
    detach,
    set_value,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #58e5e1dfd37d8b8a Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/_shared_internal/__init__.py:27
from opentelemetry.sdk._shared_internal._processor_metrics import (
    ProcessorMetricsT,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #c0f4d9a6710e6a6c Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/_shared_internal/__init__.py:30
from opentelemetry.util._once import Once

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #70f8f4593f0af1d8 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/_shared_internal/_processor_metrics.py:10
from opentelemetry.metrics import CallbackOptions, MeterProvider, Observation

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #015d9ff16e629078 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/_shared_internal/_processor_metrics.py:11
from opentelemetry.semconv._incubating.attributes.otel_attributes import (
    OTEL_COMPONENT_NAME,
    OTEL_COMPONENT_TYPE,
    OtelComponentTypeValues,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #57c276887febac1d Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/_shared_internal/_processor_metrics.py:16
from opentelemetry.semconv._incubating.metrics.otel_metrics import (
    OTEL_SDK_PROCESSOR_LOG_QUEUE_SIZE,
    OTEL_SDK_PROCESSOR_SPAN_QUEUE_SIZE,
    create_otel_sdk_processor_log_processed,
    create_otel_sdk_processor_log_queue_capacity,
    create_otel_sdk_processor_span_processed,
    create_otel_sdk_processor_span_queue_capacity,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #4b93a3b11be28a8a Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/_shared_internal/_processor_metrics.py:24
from opentelemetry.semconv.attributes.error_attributes import ERROR_TYPE

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #b25ca4abfd3b876e Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/error_handler/__init__.py:54
from opentelemetry.util._importlib_metadata import entry_points

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #925204d1224d8b3e Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/metrics/__init__.py:5
from opentelemetry.sdk.metrics import export, view

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #38730a7127aae620 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/metrics/__init__.py:6
from opentelemetry.sdk.metrics._internal import Meter, MeterProvider

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #8f8b07c69f9ce639 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/metrics/__init__.py:7
from opentelemetry.sdk.metrics._internal.exceptions import MetricsTimeoutError

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #8bf5294d27a6e456 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/metrics/__init__.py:8
from opentelemetry.sdk.metrics._internal.exemplar import (
    AlignedHistogramBucketExemplarReservoir,
    AlwaysOffExemplarFilter,
    AlwaysOnExemplarFilter,
    Exemplar,
    ExemplarFilter,
    ExemplarReservoir,
    SimpleFixedSizeExemplarReservoir,
    TraceBasedExemplarFilter,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #338bd5cfb93f0a32 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/metrics/__init__.py:18
from opentelemetry.sdk.metrics._internal.instrument import (
    Counter,
    Histogram,
    ObservableCounter,
    ObservableGauge,
    ObservableUpDownCounter,
    UpDownCounter,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #3047a94095a9a39c Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/metrics/__init__.py:26
from opentelemetry.sdk.metrics._internal.instrument import Gauge as _Gauge

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #026da8febe0f1dd0 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/metrics/_internal/__init__.py:14
import opentelemetry.sdk.metrics

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #9f1f1bc247173066 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/metrics/_internal/__init__.py:15
from opentelemetry.metrics import Counter as APICounter

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #3494a465b7e7024c Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/metrics/_internal/__init__.py:16
from opentelemetry.metrics import Histogram as APIHistogram

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #6544d0508a367726 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/metrics/_internal/__init__.py:17
from opentelemetry.metrics import Meter as APIMeter

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #c1cb385147ddbd53 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/metrics/_internal/__init__.py:18
from opentelemetry.metrics import MeterProvider as APIMeterProvider

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #58d6e2de58f56a34 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/metrics/_internal/__init__.py:19
from opentelemetry.metrics import NoOpMeter

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #043c9cdf6f7cedbd Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/metrics/_internal/__init__.py:20
from opentelemetry.metrics import ObservableCounter as APIObservableCounter

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #8588f22a4ae9a3f5 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/metrics/_internal/__init__.py:21
from opentelemetry.metrics import ObservableGauge as APIObservableGauge

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #ccb452a93a19c4cc Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/metrics/_internal/__init__.py:22
from opentelemetry.metrics import (
    ObservableUpDownCounter as APIObservableUpDownCounter,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #795969454c6dba08 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/metrics/_internal/__init__.py:25
from opentelemetry.metrics import UpDownCounter as APIUpDownCounter

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #f575fd8932db0b4f Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/metrics/_internal/__init__.py:26
from opentelemetry.metrics import _Gauge as APIGauge

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #93e49bbbfe98581e Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/metrics/_internal/__init__.py:27
from opentelemetry.sdk.environment_variables import (
    OTEL_METRICS_EXEMPLAR_FILTER,
    OTEL_SDK_DISABLED,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #02afed818fbbf132 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/metrics/_internal/__init__.py:31
from opentelemetry.sdk.metrics._internal.exceptions import MetricsTimeoutError

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #a1bf9dc6aab58bf8 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/metrics/_internal/__init__.py:32
from opentelemetry.sdk.metrics._internal.exemplar import (
    AlwaysOffExemplarFilter,
    AlwaysOnExemplarFilter,
    ExemplarFilter,
    TraceBasedExemplarFilter,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #272c590ade706ebd Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/metrics/_internal/__init__.py:38
from opentelemetry.sdk.metrics._internal.instrument import (
    _Counter,
    _Gauge,
    _Histogram,
    _ObservableCounter,
    _ObservableGauge,
    _ObservableUpDownCounter,
    _UpDownCounter,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #6f633d3171111d85 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/metrics/_internal/__init__.py:47
from opentelemetry.sdk.metrics._internal.measurement_consumer import (
    MeasurementConsumer,
    SynchronousMeasurementConsumer,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #f299ac2307882189 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/metrics/_internal/__init__.py:51
from opentelemetry.sdk.metrics._internal.sdk_configuration import (
    SdkConfiguration,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #e2169d56ab38ca5f Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/metrics/_internal/__init__.py:54
from opentelemetry.sdk.resources import Resource

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #1333367b43c8b0a7 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/metrics/_internal/__init__.py:55
from opentelemetry.sdk.util._configurator import RuleBasedConfigurator

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #d50f42529d52a553 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/metrics/_internal/__init__.py:56
from opentelemetry.sdk.util.instrumentation import (
    InstrumentationScope,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #c0a7b2689fad6647 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/metrics/_internal/__init__.py:59
from opentelemetry.util._once import Once

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #dd128d1c1afebbb9 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/metrics/_internal/__init__.py:60
from opentelemetry.util.types import (
    Attributes,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #11dbb201d226ec44 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/metrics/_internal/_view_instrument_match.py:11
from opentelemetry.sdk.metrics._internal.aggregation import (
    Aggregation,
    AggregationTemporality,
    DefaultAggregation,
    _Aggregation,
    _SumAggregation,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #991bdf02e67ae15b Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/metrics/_internal/_view_instrument_match.py:18
from opentelemetry.sdk.metrics._internal.instrument import _Instrument

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #5a0c9301a6219a35 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/metrics/_internal/_view_instrument_match.py:19
from opentelemetry.sdk.metrics._internal.measurement import Measurement

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #1ca85a1a9c33d915 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/metrics/_internal/_view_instrument_match.py:20
from opentelemetry.sdk.metrics._internal.point import DataPointT

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #0be0126e8536b45e Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/metrics/_internal/_view_instrument_match.py:21
from opentelemetry.sdk.metrics._internal.view import View

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #e650ca4346f58972 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/metrics/_internal/aggregation.py:20
from opentelemetry.metrics import (
    Asynchronous,
    Counter,
    Histogram,
    ObservableCounter,
    ObservableGauge,
    ObservableUpDownCounter,
    Synchronous,
    UpDownCounter,
    _Gauge,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #38b767e045604e4c Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/metrics/_internal/aggregation.py:31
from opentelemetry.sdk.metrics._internal.exemplar import (
    Exemplar,
    ExemplarReservoirBuilder,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #a1d079a18c4fccdf Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/metrics/_internal/aggregation.py:35
from opentelemetry.sdk.metrics._internal.exponential_histogram.buckets import (
    Buckets,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #1de60f5eed4917d4 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/metrics/_internal/aggregation.py:38
from opentelemetry.sdk.metrics._internal.exponential_histogram.mapping import (
    Mapping,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #2b5a984cfc0e0f3e Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/metrics/_internal/aggregation.py:41
from opentelemetry.sdk.metrics._internal.exponential_histogram.mapping.exponent_mapping import (
    ExponentMapping,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #8dd4b669bbf0f70b Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/metrics/_internal/aggregation.py:44
from opentelemetry.sdk.metrics._internal.exponential_histogram.mapping.logarithm_mapping import (
    LogarithmMapping,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #1e8c0fda8c64dfd7 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/metrics/_internal/aggregation.py:47
from opentelemetry.sdk.metrics._internal.instrument import _Instrument

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #0657dba28e672c95 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/metrics/_internal/aggregation.py:48
from opentelemetry.sdk.metrics._internal.measurement import Measurement

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #bc721fb78e841164 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/metrics/_internal/aggregation.py:49
from opentelemetry.sdk.metrics._internal.point import Buckets as BucketsPoint

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #328486bd6cedfa0b Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/metrics/_internal/aggregation.py:50
from opentelemetry.sdk.metrics._internal.point import (
    ExponentialHistogramDataPoint,
    HistogramDataPoint,
    NumberDataPoint,
    Sum,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #b9c73328def2ed26 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/metrics/_internal/aggregation.py:56
from opentelemetry.sdk.metrics._internal.point import Gauge as GaugePoint

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #45e553eda0a17edf Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/metrics/_internal/aggregation.py:57
from opentelemetry.sdk.metrics._internal.point import (
    Histogram as HistogramPoint,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #17a5472b611fba80 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/metrics/_internal/aggregation.py:60
from opentelemetry.util.types import Attributes

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #170d76d53f911b0c Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/metrics/_internal/exemplar/exemplar.py:6
from opentelemetry.util.types import Attributes

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #2ce4308e5b772e05 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/metrics/_internal/exemplar/exemplar_filter.py:6
from opentelemetry import trace

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #ee704032c50a518a Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/metrics/_internal/exemplar/exemplar_filter.py:7
from opentelemetry.context import Context

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #7f3b95acaa581223 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/metrics/_internal/exemplar/exemplar_filter.py:8
from opentelemetry.trace.span import INVALID_SPAN

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #7cb1a6936eadf049 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/metrics/_internal/exemplar/exemplar_filter.py:9
from opentelemetry.util.types import Attributes

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #883af48623b442d8 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/metrics/_internal/exemplar/exemplar_reservoir.py:12
from opentelemetry import trace

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #740aa2a5cd5805bd Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/metrics/_internal/exemplar/exemplar_reservoir.py:13
from opentelemetry.context import Context

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #5e6874a9faf26add Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/metrics/_internal/exemplar/exemplar_reservoir.py:14
from opentelemetry.trace.span import INVALID_SPAN

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #10928a745dc14d8f Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/metrics/_internal/exemplar/exemplar_reservoir.py:15
from opentelemetry.util.types import Attributes

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #b92ccc5bcb1442ba Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/metrics/_internal/exponential_histogram/mapping/exponent_mapping.py:7
from opentelemetry.sdk.metrics._internal.exponential_histogram.mapping import (
    Mapping,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #b4b733aac143233d Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/metrics/_internal/exponential_histogram/mapping/exponent_mapping.py:10
from opentelemetry.sdk.metrics._internal.exponential_histogram.mapping.errors import (
    MappingOverflowError,
    MappingUnderflowError,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #f3573dd0faca72f9 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/metrics/_internal/exponential_histogram/mapping/exponent_mapping.py:14
from opentelemetry.sdk.metrics._internal.exponential_histogram.mapping.ieee_754 import (
    MANTISSA_WIDTH,
    MAX_NORMAL_EXPONENT,
    MIN_NORMAL_EXPONENT,
    MIN_NORMAL_VALUE,
    get_ieee_754_exponent,
    get_ieee_754_mantissa,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #44a170bcb9046f04 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/metrics/_internal/exponential_histogram/mapping/logarithm_mapping.py:7
from opentelemetry.sdk.metrics._internal.exponential_histogram.mapping import (
    Mapping,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #ff7679bed8c52209 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/metrics/_internal/exponential_histogram/mapping/logarithm_mapping.py:10
from opentelemetry.sdk.metrics._internal.exponential_histogram.mapping.errors import (
    MappingOverflowError,
    MappingUnderflowError,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #09d1a438456fce6c Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/metrics/_internal/exponential_histogram/mapping/logarithm_mapping.py:14
from opentelemetry.sdk.metrics._internal.exponential_histogram.mapping.ieee_754 import (
    MAX_NORMAL_EXPONENT,
    MIN_NORMAL_EXPONENT,
    MIN_NORMAL_VALUE,
    get_ieee_754_exponent,
    get_ieee_754_mantissa,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #dc1f7d58d8bc1212 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/metrics/_internal/export/__init__.py:21
import opentelemetry.sdk.metrics._internal

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #ff8bbd4cde3ba540 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/metrics/_internal/export/__init__.py:22
from opentelemetry.context import (
    _SUPPRESS_INSTRUMENTATION_KEY,
    attach,
    detach,
    set_value,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #924f33b3acf5cc39 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/metrics/_internal/export/__init__.py:28
from opentelemetry.metrics import MeterProvider, NoOpMeterProvider

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #f7d21bfba03ddace Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/metrics/_internal/export/__init__.py:29
from opentelemetry.sdk.environment_variables import (
    OTEL_METRIC_EXPORT_INTERVAL,
    OTEL_METRIC_EXPORT_TIMEOUT,
    OTEL_PYTHON_SDK_INTERNAL_METRICS_ENABLED,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #cc9436f1752e4960 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/metrics/_internal/export/__init__.py:34
from opentelemetry.sdk.environment_variables._internal import (
    parse_boolean_environment_variable,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #02151d91b67b4e38 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/metrics/_internal/export/__init__.py:37
from opentelemetry.sdk.metrics._internal.aggregation import (
    AggregationTemporality,
    DefaultAggregation,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #f6909703ad53bfea Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/metrics/_internal/export/__init__.py:41
from opentelemetry.sdk.metrics._internal.exceptions import MetricsTimeoutError

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #02a3b421090a8b28 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/metrics/_internal/export/__init__.py:42
from opentelemetry.sdk.metrics._internal.instrument import (
    Counter,
    Gauge,
    Histogram,
    ObservableCounter,
    ObservableGauge,
    ObservableUpDownCounter,
    UpDownCounter,
    _Counter,
    _Gauge,
    _Histogram,
    _ObservableCounter,
    _ObservableGauge,
    _ObservableUpDownCounter,
    _UpDownCounter,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #85a261b308daf07a Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/metrics/_internal/export/__init__.py:58
from opentelemetry.sdk.metrics._internal.point import MetricsData

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #12a9ca54f6b3b9de Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/metrics/_internal/export/__init__.py:59
from opentelemetry.semconv._incubating.attributes.otel_attributes import (
    OtelComponentTypeValues,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #ccc1a9eb49ab63ae Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/metrics/_internal/export/__init__.py:62
from opentelemetry.util._once import Once

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #b0992f50fe72bb6c Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/metrics/_internal/export/_metric_reader_metrics.py:7
from opentelemetry.metrics import MeterProvider

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #571ca812ade451d9 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/metrics/_internal/export/_metric_reader_metrics.py:8
from opentelemetry.semconv._incubating.attributes.otel_attributes import (
    OTEL_COMPONENT_NAME,
    OTEL_COMPONENT_TYPE,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #9661e996a4d693a5 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/metrics/_internal/export/_metric_reader_metrics.py:12
from opentelemetry.semconv._incubating.metrics.otel_metrics import (
    create_otel_sdk_metric_reader_collection_duration,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #b2e95fa8125535d0 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/metrics/_internal/instrument.py:18
from opentelemetry.context import Context, get_current

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #21cac7829148dabe Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/metrics/_internal/instrument.py:19
from opentelemetry.metrics import Asynchronous, CallbackT, Synchronous

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #aad98017e685cc6b Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/metrics/_internal/instrument.py:20
from opentelemetry.metrics import Counter as APICounter

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #41dfdbb9834de230 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/metrics/_internal/instrument.py:21
from opentelemetry.metrics import Histogram as APIHistogram

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #4fea6d04327c790c Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/metrics/_internal/instrument.py:22
from opentelemetry.metrics import ObservableCounter as APIObservableCounter

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #ef86dc0258f67ed4 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/metrics/_internal/instrument.py:23
from opentelemetry.metrics import ObservableGauge as APIObservableGauge

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #5a8f5c78b5f017b2 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/metrics/_internal/instrument.py:24
from opentelemetry.metrics import (
    ObservableUpDownCounter as APIObservableUpDownCounter,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #d223879435633549 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/metrics/_internal/instrument.py:27
from opentelemetry.metrics import UpDownCounter as APIUpDownCounter

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #bd24c0d83bb53784 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/metrics/_internal/instrument.py:28
from opentelemetry.metrics import _Gauge as APIGauge

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #eb8059792fc679a4 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/metrics/_internal/instrument.py:29
from opentelemetry.metrics._internal.instrument import (
    CallbackOptions,
    _MetricsHistogramAdvisory,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #6cb57d69edc9e7e5 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/metrics/_internal/instrument.py:33
from opentelemetry.sdk.metrics._internal.measurement import Measurement

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #ee7ea03bf93dadd2 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/metrics/_internal/instrument.py:36
    from opentelemetry.sdk.metrics._internal import (
        _ProxyMeterConfig,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #5fd581faa8cf269f Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/metrics/_internal/instrument.py:39
    from opentelemetry.sdk.metrics._internal.measurement_consumer import (
        MeasurementConsumer,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #22f67bb521845bd9 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/metrics/_internal/instrument.py:42
    from opentelemetry.sdk.util.instrumentation import InstrumentationScope

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #62be1387642695f3 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/metrics/_internal/measurement.py:9
from opentelemetry.context import Context

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #4c063b669bc0b14f Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/metrics/_internal/measurement.py:10
from opentelemetry.util.types import Attributes

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #668991772a18279a Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/metrics/_internal/measurement.py:13
    from opentelemetry.sdk.metrics._internal.instrument import _Instrument

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #c5d5d6998bef220c Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/metrics/_internal/measurement_consumer.py:12
import opentelemetry.sdk.metrics

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #7bdafbe948c0cff4 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/metrics/_internal/measurement_consumer.py:13
import opentelemetry.sdk.metrics._internal.instrument

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #3889ca75f37aa9cd Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/metrics/_internal/measurement_consumer.py:14
from opentelemetry.metrics._internal.instrument import CallbackOptions

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #e83ac333f3490e4b Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/metrics/_internal/measurement_consumer.py:15
from opentelemetry.sdk.metrics._internal.exceptions import MetricsTimeoutError

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #5f7225ca62dae614 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/metrics/_internal/measurement_consumer.py:16
from opentelemetry.sdk.metrics._internal.measurement import Measurement

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #d2b18c825159d36f Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/metrics/_internal/measurement_consumer.py:17
from opentelemetry.sdk.metrics._internal.metric_reader_storage import (
    MetricReaderStorage,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #cd2d218e2f7587fd Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/metrics/_internal/measurement_consumer.py:20
from opentelemetry.sdk.metrics._internal.point import MetricsData

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #44e5b506830f8855 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/metrics/_internal/metric_reader_storage.py:8
from opentelemetry.metrics import (
    Asynchronous,
    Counter,
    ObservableCounter,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #3bb18cb99dc9861c Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/metrics/_internal/metric_reader_storage.py:13
from opentelemetry.sdk.metrics._internal._view_instrument_match import (
    _ViewInstrumentMatch,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #06ed02c8409fb78c Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/metrics/_internal/metric_reader_storage.py:16
from opentelemetry.sdk.metrics._internal.aggregation import (
    Aggregation,
    AggregationTemporality,
    ExplicitBucketHistogramAggregation,
    _DropAggregation,
    _ExplicitBucketHistogramAggregation,
    _ExponentialBucketHistogramAggregation,
    _LastValueAggregation,
    _SumAggregation,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #85c85a0f00ebe551 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/metrics/_internal/metric_reader_storage.py:26
from opentelemetry.sdk.metrics._internal.instrument import _Instrument

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #7ed16d35d32fdd75 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/metrics/_internal/metric_reader_storage.py:27
from opentelemetry.sdk.metrics._internal.measurement import Measurement

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #fb1ec75bed8623e1 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/metrics/_internal/metric_reader_storage.py:28
from opentelemetry.sdk.metrics._internal.point import (
    ExponentialHistogram,
    Gauge,
    Histogram,
    Metric,
    MetricsData,
    ResourceMetrics,
    ScopeMetrics,
    Sum,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #9d09e406ba34fc9c Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/metrics/_internal/metric_reader_storage.py:38
from opentelemetry.sdk.metrics._internal.sdk_configuration import (
    SdkConfiguration,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #dc524ca88773cf2c Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/metrics/_internal/metric_reader_storage.py:41
from opentelemetry.sdk.metrics._internal.view import View

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #067a0581ad7492d9 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/metrics/_internal/metric_reader_storage.py:42
from opentelemetry.sdk.util.instrumentation import InstrumentationScope

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #acdcfec4c0f544e5 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/metrics/_internal/point.py:11
import opentelemetry.sdk.metrics._internal

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #5a9b83abe559e2f8 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/metrics/_internal/point.py:12
from opentelemetry.sdk.metrics._internal.exemplar import Exemplar

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #33ea07d119f78180 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/metrics/_internal/point.py:13
from opentelemetry.sdk.resources import Resource

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #a979cef36ecb5b85 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/metrics/_internal/point.py:14
from opentelemetry.sdk.util.instrumentation import InstrumentationScope

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #ab0004272b35465c Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/metrics/_internal/point.py:15
from opentelemetry.util.types import Attributes

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #49488e141ce4dc36 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/metrics/_internal/sdk_configuration.py:10
import opentelemetry.sdk.metrics

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #ef7592c8285292ca Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/metrics/_internal/sdk_configuration.py:11
import opentelemetry.sdk.resources

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #25f97029b76358fe Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/metrics/_internal/view.py:9
from opentelemetry.metrics import Instrument

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #392b5fbbe52a2612 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/metrics/_internal/view.py:10
from opentelemetry.sdk.metrics._internal.aggregation import (
    Aggregation,
    DefaultAggregation,
    _Aggregation,
    _ExplicitBucketHistogramAggregation,
    _ExponentialBucketHistogramAggregation,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #9f0220a660bdf0ae Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/metrics/_internal/view.py:17
from opentelemetry.sdk.metrics._internal.exemplar import (
    AlignedHistogramBucketExemplarReservoir,
    ExemplarReservoirBuilder,
    SimpleFixedSizeExemplarReservoir,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #f4b63007d80d649e Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/metrics/_internal/view.py:22
from opentelemetry.sdk.metrics._internal.instrument import _Instrument

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #7dedc6bcade36915 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/metrics/export/__init__.py:5
from opentelemetry.sdk.metrics._internal.aggregation import (
    AggregationTemporality,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #09cfeb48743ec58f Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/metrics/export/__init__.py:8
from opentelemetry.sdk.metrics._internal.export import (
    ConsoleMetricExporter,
    InMemoryMetricReader,
    MetricExporter,
    MetricExportResult,
    MetricReader,
    PeriodicExportingMetricReader,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #61ba8bdac32dd494 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/metrics/export/__init__.py:18
from opentelemetry.sdk.metrics._internal.point import (  # noqa: F401
    Buckets,
    DataPointT,
    DataT,
    ExponentialHistogram,
    ExponentialHistogramDataPoint,
    Gauge,
    Histogram,
    HistogramDataPoint,
    Metric,
    MetricsData,
    NumberDataPoint,
    ResourceMetrics,
    ScopeMetrics,
    Sum,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #03596509b9c32777 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/metrics/view/__init__.py:4
from opentelemetry.sdk.metrics._internal.aggregation import (
    Aggregation,
    DefaultAggregation,
    DropAggregation,
    ExplicitBucketHistogramAggregation,
    ExponentialBucketHistogramAggregation,
    LastValueAggregation,
    SumAggregation,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #0ce89ffa637c75cb Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/metrics/view/__init__.py:13
from opentelemetry.sdk.metrics._internal.view import View

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #3e13f76eb31a505d Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/resources/__init__.py:67
from opentelemetry.attributes import BoundedAttributes

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #4f8f7310ce2f6a42 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/resources/__init__.py:68
from opentelemetry.sdk.environment_variables import (
    OTEL_EXPERIMENTAL_RESOURCE_DETECTORS,
    OTEL_RESOURCE_ATTRIBUTES,
    OTEL_SERVICE_NAME,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #a46da93e71358846 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/resources/__init__.py:73
from opentelemetry.sdk.version import (
    __version__ as _OPENTELEMETRY_SDK_VERSION,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #8566120211e7831a Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/resources/__init__.py:76
from opentelemetry.semconv.resource import ResourceAttributes

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #af2e275f48bbb43e Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/resources/__init__.py:77
from opentelemetry.util.types import AttributeValue

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #29dba779d803beb7 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/resources/__init__.py:525
    from opentelemetry.util._importlib_metadata import (  # noqa: PLC0415
        entry_points,  # type: ignore[reportUnknownVariableType]

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #9651f6238c84d497 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/trace/__init__.py:33
from opentelemetry import context as context_api

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #18950ce5bc11360a Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/trace/__init__.py:34
from opentelemetry import metrics as metrics_api

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #2c3813347af14746 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/trace/__init__.py:35
from opentelemetry import trace as trace_api

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #15ceb6cb122d9ba9 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/trace/__init__.py:36
from opentelemetry.attributes import BoundedAttributes

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #6ec9641d8e4e2708 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/trace/__init__.py:37
from opentelemetry.sdk import util

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #3a89b825b6717a31 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/trace/__init__.py:38
from opentelemetry.sdk.environment_variables import (
    OTEL_ATTRIBUTE_COUNT_LIMIT,
    OTEL_ATTRIBUTE_VALUE_LENGTH_LIMIT,
    OTEL_EVENT_ATTRIBUTE_COUNT_LIMIT,
    OTEL_LINK_ATTRIBUTE_COUNT_LIMIT,
    OTEL_PYTHON_SDK_INTERNAL_METRICS_ENABLED,
    OTEL_SDK_DISABLED,
    OTEL_SPAN_ATTRIBUTE_COUNT_LIMIT,
    OTEL_SPAN_ATTRIBUTE_VALUE_LENGTH_LIMIT,
    OTEL_SPAN_EVENT_COUNT_LIMIT,
    OTEL_SPAN_LINK_COUNT_LIMIT,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #91a20ef0778e7b11 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/trace/__init__.py:50
from opentelemetry.sdk.environment_variables._internal import (
    parse_boolean_environment_variable,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #de5f9b7c5be43ee4 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/trace/__init__.py:53
from opentelemetry.sdk.resources import Resource

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #453f72fb93c1d97f Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/trace/__init__.py:54
from opentelemetry.sdk.trace import sampling

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #1591001c034105c1 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/trace/__init__.py:55
from opentelemetry.sdk.trace._tracer_metrics import create_tracer_metrics

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #1fd2ebd99d9e4949 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/trace/__init__.py:56
from opentelemetry.sdk.trace.id_generator import IdGenerator, RandomIdGenerator

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #6b6ea9938bfc3285 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/trace/__init__.py:57
from opentelemetry.sdk.util import BoundedList

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #305d56f7edd92f53 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/trace/__init__.py:58
from opentelemetry.sdk.util._configurator import RuleBasedConfigurator

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #666f24e30437b081 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/trace/__init__.py:59
from opentelemetry.sdk.util.instrumentation import (
    InstrumentationInfo,
    InstrumentationScope,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #fac8809298cda88f Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/trace/__init__.py:63
from opentelemetry.semconv.attributes.exception_attributes import (
    EXCEPTION_ESCAPED,
    EXCEPTION_MESSAGE,
    EXCEPTION_STACKTRACE,
    EXCEPTION_TYPE,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #797b3e8052f512d3 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/trace/__init__.py:69
from opentelemetry.trace import NoOpTracer, SpanContext

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #23cbe7de433c800a Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/trace/__init__.py:70
from opentelemetry.trace.status import Status, StatusCode

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #0cafdc4fb8b566d1 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/trace/__init__.py:71
from opentelemetry.util import types

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #dca961334e9a3187 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/trace/__init__.py:72
from opentelemetry.util._decorator import _agnosticcontextmanager

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #6b1f9d5e5ec25143 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/trace/_sampling_experimental/_always_off.py:8
from opentelemetry.context import Context

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #261e8b0c82f4ef79 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/trace/_sampling_experimental/_always_off.py:9
from opentelemetry.trace import Link, SpanKind, TraceState

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #a794c21535a57cbb Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/trace/_sampling_experimental/_always_off.py:10
from opentelemetry.util.types import Attributes

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #cfb5bf75a488720b Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/trace/_sampling_experimental/_always_on.py:8
from opentelemetry.context import Context

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #25de6b3fca13c7a8 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/trace/_sampling_experimental/_always_on.py:9
from opentelemetry.trace import Link, SpanKind, TraceState

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #d4d1ead491a6f75a Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/trace/_sampling_experimental/_always_on.py:10
from opentelemetry.util.types import Attributes

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #e04f4b8fe37e95a5 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/trace/_sampling_experimental/_composable.py:10
from opentelemetry.context import Context

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #62a7449b29842e82 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/trace/_sampling_experimental/_composable.py:11
from opentelemetry.trace import Link, SpanKind, TraceState

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #dcb4ad1a327296e5 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/trace/_sampling_experimental/_composable.py:12
from opentelemetry.util.types import Attributes

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #d8855374cb3e14f0 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/trace/_sampling_experimental/_parent_threshold.py:8
from opentelemetry.context import Context

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #10a0971c3943bba4 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/trace/_sampling_experimental/_parent_threshold.py:9
from opentelemetry.trace import Link, SpanKind, TraceState, get_current_span

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #cba7940b4a226111 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/trace/_sampling_experimental/_parent_threshold.py:10
from opentelemetry.util.types import Attributes

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #aab35c00e2f54838 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/trace/_sampling_experimental/_rule_based.py:11
from opentelemetry.context import Context

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #d51901decba8ec69 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/trace/_sampling_experimental/_rule_based.py:12
from opentelemetry.trace import (
    Link,
    SpanKind,
    TraceState,
    get_current_span,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #dab3887a38c9007d Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/trace/_sampling_experimental/_rule_based.py:18
from opentelemetry.util.types import AnyValue, Attributes

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #edba9c33628d7fda Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/trace/_sampling_experimental/_sampler.py:8
from opentelemetry.context import Context

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #8845efd7eef9d4d6 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/trace/_sampling_experimental/_sampler.py:9
from opentelemetry.sdk.trace.sampling import Decision, Sampler, SamplingResult

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #6da3777f3006ccd6 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/trace/_sampling_experimental/_sampler.py:10
from opentelemetry.trace import Link, SpanKind, TraceState

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #08c190bf0b2f9e51 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/trace/_sampling_experimental/_sampler.py:11
from opentelemetry.util.types import Attributes

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #9637305a4cca41c7 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/trace/_sampling_experimental/_trace_state.py:9
from opentelemetry.trace import TraceState

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #38c78f45c8748fc0 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/trace/_sampling_experimental/_traceid_ratio.py:8
from opentelemetry.context import Context

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #cab3d01c91b47e94 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/trace/_sampling_experimental/_traceid_ratio.py:9
from opentelemetry.trace import Link, SpanKind, TraceState

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #34e7acb2a536db4d Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/trace/_sampling_experimental/_traceid_ratio.py:10
from opentelemetry.util.types import Attributes

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #89dd9c311765f467 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/trace/_tracer_metrics.py:9
from opentelemetry import metrics as metrics_api

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #1c023420e36222dd Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/trace/_tracer_metrics.py:10
from opentelemetry.sdk.trace.sampling import Decision

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #272e3419abf98879 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/trace/_tracer_metrics.py:11
from opentelemetry.semconv._incubating.attributes.otel_attributes import (
    OTEL_SPAN_PARENT_ORIGIN,
    OTEL_SPAN_SAMPLING_RESULT,
    OtelSpanSamplingResultValues,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #b06dc2a28b4029a6 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/trace/_tracer_metrics.py:16
from opentelemetry.semconv._incubating.metrics.otel_metrics import (
    create_otel_sdk_span_live,
    create_otel_sdk_span_started,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #c5b534f39f22f6a6 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/trace/_tracer_metrics.py:20
from opentelemetry.trace.span import SpanContext

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #ad6b82108560274d Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/trace/export/__init__.py:12
from opentelemetry.context import (
    _SUPPRESS_INSTRUMENTATION_KEY,
    Context,
    attach,
    detach,
    set_value,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #a7c0c79eb7603abf Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/trace/export/__init__.py:19
from opentelemetry.metrics import MeterProvider, get_meter_provider

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #fb759dabd6995057 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/trace/export/__init__.py:20
from opentelemetry.sdk._shared_internal import (
    BatchProcessor,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #d9248c5699ea4724 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/trace/export/__init__.py:23
from opentelemetry.sdk._shared_internal._processor_metrics import (
    create_processor_metrics,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #7e4ac4664b51c8ec Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/trace/export/__init__.py:26
from opentelemetry.sdk.environment_variables import (
    OTEL_BSP_EXPORT_TIMEOUT,
    OTEL_BSP_MAX_EXPORT_BATCH_SIZE,
    OTEL_BSP_MAX_QUEUE_SIZE,
    OTEL_BSP_SCHEDULE_DELAY,
    OTEL_PYTHON_SDK_INTERNAL_METRICS_ENABLED,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #8a6654876173b339 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/trace/export/__init__.py:33
from opentelemetry.sdk.environment_variables._internal import (
    parse_boolean_environment_variable,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #bfdbc71da7966d20 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/trace/export/__init__.py:36
from opentelemetry.sdk.trace import ReadableSpan, Span, SpanProcessor

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #a9324001050f42af Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/trace/export/__init__.py:37
from opentelemetry.semconv._incubating.attributes.otel_attributes import (
    OtelComponentTypeValues,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #bf8aea58c91613c8 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/trace/export/in_memory_span_exporter.py:7
from opentelemetry.sdk.trace import ReadableSpan

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #df8a0a5bc82e0756 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/trace/export/in_memory_span_exporter.py:8
from opentelemetry.sdk.trace.export import SpanExporter, SpanExportResult

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #1185ed3d455a63dd Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/trace/id_generator.py:7
from opentelemetry import trace

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #0a988b63824be90a Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/trace/sampling.py:135
from opentelemetry.context import Context

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #9a33c779ed92a21e Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/trace/sampling.py:136
from opentelemetry.sdk.environment_variables import (
    OTEL_TRACES_SAMPLER,
    OTEL_TRACES_SAMPLER_ARG,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #c9703c1b7c703c50 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/trace/sampling.py:140
from opentelemetry.trace import Link, SpanKind, get_current_span

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #1d853f7b9e6acbd6 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/trace/sampling.py:141
from opentelemetry.trace.span import TraceState

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #1d628f828e48e39c Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/trace/sampling.py:142
from opentelemetry.util.types import Attributes

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #8f623f05548962f2 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/util/__init__.pyi:28
from opentelemetry.util.types import AttributesAsKey, AttributeValue

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #3e94a6b19cb34fd5 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/util/_configurator.py:6
from opentelemetry.sdk.util.instrumentation import (
    InstrumentationScope,
    _InstrumentationScopePredicateT,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #d5a4503eabfdeeae Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/util/instrumentation.py:9
from opentelemetry.attributes import BoundedAttributes

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #2d903b6fb355d52f Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/sdk/util/instrumentation.py:10
from opentelemetry.util.types import (  # TODO: see if we can remove F401 when using new sphinx version # noqa: F401 # pylint: disable=unused-import
    AnyValue,
    Attributes,
    _ExtendedAttributes,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

expand_more 48 low-confidence finding(s)
low env_fs dependency Excluded from app score #d51e7173a4dc19aa Environment-variable access.
pkgs/python/[email protected]/src/opentelemetry/sdk/_configuration/__init__.py:154
    return environ.get(OTEL_TRACES_SAMPLER, None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #42d2716ad42cc795 Environment-variable access.
pkgs/python/[email protected]/src/opentelemetry/sdk/_configuration/__init__.py:158
    return environ.get(OTEL_PYTHON_ID_GENERATOR, _DEFAULT_ID_GENERATOR)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #caa7d979dbe5e76a Environment-variable access.
pkgs/python/[email protected]/src/opentelemetry/sdk/_configuration/__init__.py:162
    return environ.get(OTEL_PYTHON_TRACER_CONFIGURATOR, None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #64985763369df2dd Environment-variable access.
pkgs/python/[email protected]/src/opentelemetry/sdk/_configuration/__init__.py:166
    return environ.get(OTEL_PYTHON_METER_CONFIGURATOR, None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #3b9176bfa39cc404 Environment-variable access.
pkgs/python/[email protected]/src/opentelemetry/sdk/_configuration/__init__.py:170
    return environ.get(OTEL_PYTHON_LOGGER_CONFIGURATOR, None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #6455d79a05363626 Environment-variable access.
pkgs/python/[email protected]/src/opentelemetry/sdk/_configuration/__init__.py:184
    otlp_protocol = environ.get(

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #2a0b6f680f1270eb Environment-variable access.
pkgs/python/[email protected]/src/opentelemetry/sdk/_configuration/__init__.py:184
    otlp_protocol = environ.get(
        _PROTOCOL_ENV_BY_SIGNAL_TYPE[signal_type]
    ) or environ.get(OTEL_EXPORTER_OTLP_PROTOCOL)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #5a12bb514ab636a3 Environment-variable access.
pkgs/python/[email protected]/src/opentelemetry/sdk/_configuration/__init__.py:186
    ) or environ.get(OTEL_EXPORTER_OTLP_PROTOCOL)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #71e6fcf5a75d2a17 Environment-variable access.
pkgs/python/[email protected]/src/opentelemetry/sdk/_configuration/__init__.py:220
    names = environ.get(_EXPORTER_ENV_BY_SIGNAL_TYPE.get(signal_type, ""))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #e7a7b03b3f2883b1 Environment-variable access.
pkgs/python/[email protected]/src/opentelemetry/sdk/_configuration/__init__.py:506
                rate = float(os.getenv(OTEL_TRACES_SAMPLER_ARG, ""))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #5e07b18f24882dfb Environment-variable access.
pkgs/python/[email protected]/src/opentelemetry/sdk/_configuration/__init__.py:514
            arg = os.getenv(OTEL_TRACES_SAMPLER_ARG)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #a2a8e03d9f167f91 Environment-variable access.
pkgs/python/[email protected]/src/opentelemetry/sdk/_configuration/__init__.py:663
            os.getenv(
                _OTEL_PYTHON_LOGGING_AUTO_INSTRUMENTATION_ENABLED, "false"
            )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f686da6a909bb576 Environment-variable access.
pkgs/python/[email protected]/src/opentelemetry/sdk/_configuration/__init__.py:724
        if config_file := environ.get(OTEL_CONFIG_FILE):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #b0160ace350dff4e Environment-variable access.
pkgs/python/[email protected]/src/opentelemetry/sdk/_configuration/_resource.py:145
    if service_name := os.environ.get(OTEL_SERVICE_NAME):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #b1ee3aa85f47685b Environment-variable access.
pkgs/python/[email protected]/src/opentelemetry/sdk/_configuration/file/_env_substitution.py:60
        value = os.environ.get(var_name)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #91a749c49c9fff8f Filesystem access.
pkgs/python/[email protected]/src/opentelemetry/sdk/_configuration/file/_loader.py:54
            json.loads(schema_path.read_text(encoding="utf-8"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #051fe66458dbfcba Filesystem access.
pkgs/python/[email protected]/src/opentelemetry/sdk/_configuration/file/_loader.py:97
        with open(path, encoding="utf-8") as config_file:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #6d7e71563581adea Environment-variable access.
pkgs/python/[email protected]/src/opentelemetry/sdk/_logs/_internal/__init__.py:170
            if env_var not in environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #ae129c8a5122ba49 Environment-variable access.
pkgs/python/[email protected]/src/opentelemetry/sdk/_logs/_internal/__init__.py:173
            str_value = environ.get(env_var, "").strip().lower()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #8f520373f19b843c Environment-variable access.
pkgs/python/[email protected]/src/opentelemetry/sdk/_logs/_internal/__init__.py:800
        disabled = environ.get(OTEL_SDK_DISABLED, "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #4ac2ad8a267eb34d Environment-variable access.
pkgs/python/[email protected]/src/opentelemetry/sdk/_logs/_internal/export/__init__.py:338
                environ.get(OTEL_BLRP_MAX_QUEUE_SIZE, _DEFAULT_MAX_QUEUE_SIZE)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #41f52884c6c0b426 Environment-variable access.
pkgs/python/[email protected]/src/opentelemetry/sdk/_logs/_internal/export/__init__.py:352
                environ.get(

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #06c9700a9468d13c Environment-variable access.
pkgs/python/[email protected]/src/opentelemetry/sdk/_logs/_internal/export/__init__.py:352
                environ.get(
                    OTEL_BLRP_SCHEDULE_DELAY, _DEFAULT_SCHEDULE_DELAY_MILLIS
                )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #fe33a016c043ff02 Environment-variable access.
pkgs/python/[email protected]/src/opentelemetry/sdk/_logs/_internal/export/__init__.py:368
                environ.get(

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #b086b5769fd76f81 Environment-variable access.
pkgs/python/[email protected]/src/opentelemetry/sdk/_logs/_internal/export/__init__.py:368
                environ.get(
                    OTEL_BLRP_MAX_EXPORT_BATCH_SIZE,
                    _DEFAULT_MAX_EXPORT_BATCH_SIZE,
                )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #9bc379abd7927bec Environment-variable access.
pkgs/python/[email protected]/src/opentelemetry/sdk/_logs/_internal/export/__init__.py:385
                environ.get(

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #bf6765e4b8a485f5 Environment-variable access.
pkgs/python/[email protected]/src/opentelemetry/sdk/_logs/_internal/export/__init__.py:385
                environ.get(
                    OTEL_BLRP_EXPORT_TIMEOUT, _DEFAULT_EXPORT_TIMEOUT_MILLIS
                )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #dd9111ab354de33f Environment-variable access.
pkgs/python/[email protected]/src/opentelemetry/sdk/environment_variables/_internal.py:13
    value = environ.get(environment_variable)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #ce4d629b530ad591 Environment-variable access.
pkgs/python/[email protected]/src/opentelemetry/sdk/metrics/_internal/__init__.py:489
                    environ.get(OTEL_METRICS_EXEMPLAR_FILTER, "trace_based")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #7dd39b317c2c8f1d Environment-variable access.
pkgs/python/[email protected]/src/opentelemetry/sdk/metrics/_internal/__init__.py:500
        disabled = environ.get(OTEL_SDK_DISABLED, "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #4260e00caf0976b3 Environment-variable access.
pkgs/python/[email protected]/src/opentelemetry/sdk/metrics/_internal/export/__init__.py:498
                    environ.get(OTEL_METRIC_EXPORT_INTERVAL, 60000)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #6fa4cd3c3b086e43 Environment-variable access.
pkgs/python/[email protected]/src/opentelemetry/sdk/metrics/_internal/export/__init__.py:508
                    environ.get(OTEL_METRIC_EXPORT_TIMEOUT, 30000)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #3eec5b9cd569da16 Environment-variable access.
pkgs/python/[email protected]/src/opentelemetry/sdk/resources/__init__.py:300
        env_resources_items = environ.get(OTEL_RESOURCE_ATTRIBUTES)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #6ae2d5226a3717e4 Environment-variable access.
pkgs/python/[email protected]/src/opentelemetry/sdk/resources/__init__.py:317
        service_name = environ.get(OTEL_SERVICE_NAME)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #ae9e915e597d9e31 Environment-variable access.
pkgs/python/[email protected]/src/opentelemetry/sdk/resources/__init__.py:511
                for name in environ.get(

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #9e54c0c577f2bb24 Environment-variable access.
pkgs/python/[email protected]/src/opentelemetry/sdk/resources/__init__.py:511
                for name in environ.get(
                    OTEL_EXPERIMENTAL_RESOURCE_DETECTORS, ""
                ).split(",")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #1aee4028351b18b9 Environment-variable access.
pkgs/python/[email protected]/src/opentelemetry/sdk/trace/__init__.py:735
            if env_var not in environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #2864d6d5b6dc0215 Environment-variable access.
pkgs/python/[email protected]/src/opentelemetry/sdk/trace/__init__.py:738
            str_value = environ.get(env_var, "").strip().lower()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #1c535c747a8e160a Environment-variable access.
pkgs/python/[email protected]/src/opentelemetry/sdk/trace/__init__.py:1335
        disabled = environ.get(OTEL_SDK_DISABLED, "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #af6d1c76a2104369 Environment-variable access.
pkgs/python/[email protected]/src/opentelemetry/sdk/trace/export/__init__.py:242
                environ.get(OTEL_BSP_MAX_QUEUE_SIZE, _DEFAULT_MAX_QUEUE_SIZE)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #4afa29b202bd9def Environment-variable access.
pkgs/python/[email protected]/src/opentelemetry/sdk/trace/export/__init__.py:256
                environ.get(

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #d0304b5cf96f8ac4 Environment-variable access.
pkgs/python/[email protected]/src/opentelemetry/sdk/trace/export/__init__.py:256
                environ.get(
                    OTEL_BSP_SCHEDULE_DELAY, _DEFAULT_SCHEDULE_DELAY_MILLIS
                )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #c3bbc8fd0ddf977c Environment-variable access.
pkgs/python/[email protected]/src/opentelemetry/sdk/trace/export/__init__.py:272
                environ.get(

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #3ad0d8da2019d2f7 Environment-variable access.
pkgs/python/[email protected]/src/opentelemetry/sdk/trace/export/__init__.py:272
                environ.get(
                    OTEL_BSP_MAX_EXPORT_BATCH_SIZE,
                    _DEFAULT_MAX_EXPORT_BATCH_SIZE,
                )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #ba0c908901f4dcf0 Environment-variable access.
pkgs/python/[email protected]/src/opentelemetry/sdk/trace/export/__init__.py:289
                environ.get(

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #bf7ef62e5754d11a Environment-variable access.
pkgs/python/[email protected]/src/opentelemetry/sdk/trace/export/__init__.py:289
                environ.get(
                    OTEL_BSP_EXPORT_TIMEOUT, _DEFAULT_EXPORT_TIMEOUT_MILLIS
                )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f2ff24bb3044f287 Environment-variable access.
pkgs/python/[email protected]/src/opentelemetry/sdk/trace/sampling.py:421
    trace_sampler = os.getenv(
        OTEL_TRACES_SAMPLER, "parentbased_always_on"
    ).lower()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #a3a644e12d9f70ba Environment-variable access.
pkgs/python/[email protected]/src/opentelemetry/sdk/trace/sampling.py:430
            rate = float(os.getenv(OTEL_TRACES_SAMPLER_ARG, ""))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

opentelemetry-api

python dependency
medium telemetry dependency Excluded from app score #1f93efc6c688eca2 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/_events/__init__.py:13
from opentelemetry._logs import LogRecord

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #3a4558b88170bbc3 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/_events/__init__.py:14
from opentelemetry._logs.severity import SeverityNumber

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #9c7baf2259fccac0 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/_events/__init__.py:15
from opentelemetry.environment_variables import (
    _OTEL_PYTHON_EVENT_LOGGER_PROVIDER,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #f808fafbacb9c3a1 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/_events/__init__.py:18
from opentelemetry.trace.span import TraceFlags

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #a97cb401fd232c0c Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/_events/__init__.py:19
from opentelemetry.util._once import Once

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #21b70ca048437040 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/_events/__init__.py:20
from opentelemetry.util._providers import _load_provider

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #7730f7a2ab8c8276 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/_events/__init__.py:21
from opentelemetry.util.types import AnyValue, _ExtendedAttributes

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #bf2160517e67fbfe Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/_logs/__init__.py:25
from opentelemetry._logs._internal import (
    Logger,
    LoggerProvider,
    LogRecord,
    NoOpLogger,
    NoOpLoggerProvider,
    get_logger,
    get_logger_provider,
    set_logger_provider,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #9e4f160b1c783598 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/_logs/__init__.py:35
from opentelemetry._logs.severity import SeverityNumber

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #9428163c62da85a3 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/_logs/_internal/__init__.py:35
from opentelemetry._logs.severity import SeverityNumber

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #1d3a9b8f2ef4d18f Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/_logs/_internal/__init__.py:36
from opentelemetry.context import get_current

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #8724e92e00a1eb4b Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/_logs/_internal/__init__.py:37
from opentelemetry.context.context import Context

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #088e93c5c4de17d2 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/_logs/_internal/__init__.py:38
from opentelemetry.environment_variables import _OTEL_PYTHON_LOGGER_PROVIDER

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #ae47a848dcfd90ca Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/_logs/_internal/__init__.py:39
from opentelemetry.trace import get_current_span

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #851fe3cf57b1ef73 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/_logs/_internal/__init__.py:40
from opentelemetry.trace.span import TraceFlags

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #58c43d565ed05db4 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/_logs/_internal/__init__.py:41
from opentelemetry.util._once import Once

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #23684f4672fc5217 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/_logs/_internal/__init__.py:42
from opentelemetry.util._providers import _load_provider

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #72177590f6515b2f Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/_logs/_internal/__init__.py:43
from opentelemetry.util.types import AnyValue, _ExtendedAttributes

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #c2e8bc8bdd5dfc64 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/attributes/__init__.py:10
from opentelemetry.util import types

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #5c797d81dec1b679 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/baggage/__init__.py:9
from opentelemetry.context import create_key, get_value, set_value

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #02de0275c4458777 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/baggage/__init__.py:10
from opentelemetry.context.context import Context

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #a0a0978d79dbdb3e Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/baggage/__init__.py:11
from opentelemetry.util.re import (
    _BAGGAGE_PROPERTY_FORMAT,
    _KEY_FORMAT,
    _VALUE_FORMAT,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #75a0ed4775755b86 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/baggage/propagation/__init__.py:9
from opentelemetry.baggage import _is_valid_pair, get_all, set_baggage

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #a6acdc0f6fca3bfc Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/baggage/propagation/__init__.py:10
from opentelemetry.context import get_current

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #7c702cce2488beaa Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/baggage/propagation/__init__.py:11
from opentelemetry.context.context import Context

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #59d001278937da31 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/baggage/propagation/__init__.py:12
from opentelemetry.propagators import textmap

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #6844d5ed55d80bac Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/baggage/propagation/__init__.py:13
from opentelemetry.util.re import _DELIMITER_PATTERN

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #07bb3f64eb4d95d2 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/context/__init__.py:12
from opentelemetry.context.context import Context, _RuntimeContext  # noqa

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #64c495974e9f30e8 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/context/__init__.py:13
from opentelemetry.context.contextvars_context import ContextVarsRuntimeContext

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #00da367d6112b9b3 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/context/__init__.py:14
from opentelemetry.environment_variables import OTEL_PYTHON_CONTEXT

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #ec55737622f54de4 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/context/__init__.py:30
    from opentelemetry.util._importlib_metadata import (  # noqa: PLC0415
        entry_points,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #eb9a3d1725047b71 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/context/contextvars_context.py:8
from opentelemetry.context.context import Context, _RuntimeContext

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #475e276fbdb9204c Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/metrics/__init__.py:31
from opentelemetry.metrics._internal import (
    Meter,
    MeterProvider,
    NoOpMeter,
    NoOpMeterProvider,
    get_meter,
    get_meter_provider,
    set_meter_provider,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #ac4b37c423f90dd1 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/metrics/__init__.py:40
from opentelemetry.metrics._internal.instrument import (
    Asynchronous,
    CallbackOptions,
    CallbackT,
    Counter,
    Histogram,
    Instrument,
    NoOpCounter,
    NoOpHistogram,
    NoOpObservableCounter,
    NoOpObservableGauge,
    NoOpObservableUpDownCounter,
    NoOpUpDownCounter,
    ObservableCounter,
    ObservableGauge,
    ObservableUpDownCounter,
    Synchronous,
    UpDownCounter,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #2811962a5329e607 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/metrics/__init__.py:59
from opentelemetry.metrics._internal.instrument import Gauge as _Gauge

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #aa13c7082cd65ce6 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/metrics/__init__.py:60
from opentelemetry.metrics._internal.instrument import NoOpGauge as _NoOpGauge

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #6956e46f507a3a80 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/metrics/__init__.py:61
from opentelemetry.metrics._internal.observation import Observation

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #eba5b74891e1ab4a Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/metrics/_internal/__init__.py:41
from opentelemetry.environment_variables import OTEL_PYTHON_METER_PROVIDER

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #4ae5199b0efb7b8f Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/metrics/_internal/__init__.py:42
from opentelemetry.metrics._internal.instrument import (
    CallbackT,
    Counter,
    Gauge,
    Histogram,
    NoOpCounter,
    NoOpGauge,
    NoOpHistogram,
    NoOpObservableCounter,
    NoOpObservableGauge,
    NoOpObservableUpDownCounter,
    NoOpUpDownCounter,
    ObservableCounter,
    ObservableGauge,
    ObservableUpDownCounter,
    UpDownCounter,
    _MetricsHistogramAdvisory,
    _ProxyCounter,
    _ProxyGauge,
    _ProxyHistogram,
    _ProxyObservableCounter,
    _ProxyObservableGauge,
    _ProxyObservableUpDownCounter,
    _ProxyUpDownCounter,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #a3016c9090f97fb7 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/metrics/_internal/__init__.py:67
from opentelemetry.util._once import Once

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #b5a560b92d687703 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/metrics/_internal/__init__.py:68
from opentelemetry.util._providers import _load_provider

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #80b83240a171d210 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/metrics/_internal/__init__.py:69
from opentelemetry.util.types import (
    Attributes,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #eb3d68fc4fa3ff54 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/metrics/_internal/instrument.py:18
from opentelemetry import metrics

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #8d0f7e6053cbd7f4 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/metrics/_internal/instrument.py:19
from opentelemetry.context import Context

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #36b59fda55e4da6d Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/metrics/_internal/instrument.py:20
from opentelemetry.metrics._internal.observation import Observation

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #abb6e38f61900654 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/metrics/_internal/instrument.py:21
from opentelemetry.util.types import (
    Attributes,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #e5533f5598eccb82 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/metrics/_internal/observation.py:5
from opentelemetry.context import Context

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #a355c877484de04f Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/metrics/_internal/observation.py:6
from opentelemetry.util.types import Attributes

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #e136e658cc4b8b38 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/propagate/__init__.py:63
from opentelemetry.context.context import Context

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #b5cfcfafc83f1102 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/propagate/__init__.py:64
from opentelemetry.environment_variables import OTEL_PROPAGATORS

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #e8a974d2f03c5072 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/propagate/__init__.py:65
from opentelemetry.propagators import composite, textmap

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #b89738b51e17dc0e Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/propagate/__init__.py:115
        from opentelemetry.baggage.propagation import (  # noqa: PLC0415
            W3CBaggagePropagator,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #36ed1c80d0de2472 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/propagate/__init__.py:120
        from opentelemetry.trace.propagation.tracecontext import (  # noqa: PLC0415
            TraceContextTextMapPropagator,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #9de74bb0f3001792 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/propagate/__init__.py:129
    from opentelemetry.util._importlib_metadata import (  # noqa: PLC0415
        entry_points,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #8634c466aa097c9f Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/propagators/_envcarrier.py:8
from opentelemetry.propagators.textmap import Getter, Setter

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #b90f1b5b960af56b Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/propagators/composite.py:8
from opentelemetry.context.context import Context

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #a8a93baef9bbf217 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/propagators/composite.py:9
from opentelemetry.propagators import textmap

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #5aa4d36ddf0b4b4e Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/propagators/textmap.py:8
from opentelemetry.context.context import Context

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #6491f5630bbefa59 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/trace/__init__.py:74
from opentelemetry import context as context_api

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #092d38a8ec952d91 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/trace/__init__.py:75
from opentelemetry.attributes import BoundedAttributes

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #e7435e2ff0498932 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/trace/__init__.py:76
from opentelemetry.context.context import Context

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #209a4be9e4b8927e Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/trace/__init__.py:77
from opentelemetry.environment_variables import OTEL_PYTHON_TRACER_PROVIDER

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #c2ebea876edb0641 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/trace/__init__.py:78
from opentelemetry.trace.propagation import (
    _SPAN_KEY,
    get_current_span,
    set_span_in_context,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #2cd7c9118129e852 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/trace/__init__.py:83
from opentelemetry.trace.span import (
    DEFAULT_TRACE_OPTIONS,
    DEFAULT_TRACE_STATE,
    INVALID_SPAN,
    INVALID_SPAN_CONTEXT,
    INVALID_SPAN_ID,
    INVALID_TRACE_ID,
    NonRecordingSpan,
    Span,
    SpanContext,
    TraceFlags,
    TraceState,
    format_span_id,
    format_trace_id,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #38d7d0ec1c537476 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/trace/__init__.py:98
from opentelemetry.trace.status import Status, StatusCode

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #743ef763a7dfb5fe Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/trace/__init__.py:99
from opentelemetry.util import types

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #02c3c56777da1f42 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/trace/__init__.py:100
from opentelemetry.util._decorator import _agnosticcontextmanager

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #51ef48fbdcd5940d Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/trace/__init__.py:101
from opentelemetry.util._once import Once

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #d968fee93ad50d2d Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/trace/__init__.py:102
from opentelemetry.util._providers import _load_provider

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #b635f0e6d2093cde Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/trace/propagation/__init__.py:4
from opentelemetry.context import create_key, get_value, set_value

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #393495f9d9f6ee43 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/trace/propagation/__init__.py:5
from opentelemetry.context.context import Context

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #aedf5706b192bedd Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/trace/propagation/__init__.py:6
from opentelemetry.trace.span import INVALID_SPAN, Span

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #1b60519a6441d843 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/trace/propagation/tracecontext.py:6
from opentelemetry import trace

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #ff3dcfe270fab1fb Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/trace/propagation/tracecontext.py:7
from opentelemetry.context.context import Context

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #f91a7aecd8158947 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/trace/propagation/tracecontext.py:8
from opentelemetry.propagators import textmap

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #4dc3be5b74cce3bf Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/trace/propagation/tracecontext.py:9
from opentelemetry.trace import format_span_id, format_trace_id

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #64d2a58ddd194c5e Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/trace/propagation/tracecontext.py:10
from opentelemetry.trace.span import TraceState

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #4cccb8f2a6d525dd Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/trace/span.py:14
from opentelemetry.trace.status import Status, StatusCode

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #89c7d6ef020f1e6d Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/trace/span.py:15
from opentelemetry.util import types

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #f13cc6621ce8b7e5 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/util/_providers.py:9
    from opentelemetry.metrics import MeterProvider

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #06dc14af1f756402 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/util/_providers.py:10
    from opentelemetry.trace import TracerProvider

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #b75ab0c188c7bee9 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/util/_providers.py:21
    from opentelemetry.util._importlib_metadata import (  # noqa: PLC0415
        entry_points,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

expand_more 9 low-confidence finding(s)
low env_fs dependency Excluded from app score #83944aad47202fc1 Environment-variable access.
pkgs/python/[email protected]/src/opentelemetry/_events/__init__.py:202
        if _OTEL_PYTHON_EVENT_LOGGER_PROVIDER not in environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #ebcc7e1c2ff96c54 Environment-variable access.
pkgs/python/[email protected]/src/opentelemetry/_logs/_internal/__init__.py:394
        if _OTEL_PYTHON_LOGGER_PROVIDER not in environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #aac92bb5cac6f8d7 Environment-variable access.
pkgs/python/[email protected]/src/opentelemetry/context/__init__.py:25
    configured_context = os.environ.get(OTEL_PYTHON_CONTEXT)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #ad11fe137eac4156 Environment-variable access.
pkgs/python/[email protected]/src/opentelemetry/metrics/_internal/__init__.py:868
        if OTEL_PYTHON_METER_PROVIDER not in environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #554d8f0bf1c73250 Environment-variable access.
pkgs/python/[email protected]/src/opentelemetry/propagate/__init__.py:112
    configured = environ.get(OTEL_PROPAGATORS)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #5d4375b4b366bd08 Environment-variable access.
pkgs/python/[email protected]/src/opentelemetry/propagate/__init__.py:167
environ_propagators = environ.get(OTEL_PROPAGATORS, "tracecontext,baggage")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #7ff257625c438128 Environment-variable access.
pkgs/python/[email protected]/src/opentelemetry/propagators/_envcarrier.py:50
            k: v for k, v in os.environ.items() if _is_normalized_key(k)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #2b64d96907c78a56 Environment-variable access.
pkgs/python/[email protected]/src/opentelemetry/trace/__init__.py:573
        if OTEL_PYTHON_TRACER_PROVIDER not in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #c75488a37c975d4c Environment-variable access.
pkgs/python/[email protected]/src/opentelemetry/util/_providers.py:28
            environ.get(provider_environment_variable, f"default_{provider}"),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

langfuse

python dependency
medium telemetry dependency Excluded from app score #9d2cab10164f64af Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/langfuse/_client/client.py:32
from opentelemetry import context as otel_context_api

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #34efa451683cffa1 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/langfuse/_client/client.py:33
from opentelemetry import trace as otel_trace_api

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #af0414dbdb959c66 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/langfuse/_client/client.py:34
from opentelemetry.sdk.trace import ReadableSpan, TracerProvider

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #b04744ac090a4e03 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/langfuse/_client/client.py:35
from opentelemetry.sdk.trace.export import SpanExporter

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #1f4d66518b7da12e Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/langfuse/_client/client.py:36
from opentelemetry.sdk.trace.id_generator import IdGenerator, RandomIdGenerator

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #2a4f059edac49c00 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/langfuse/_client/client.py:37
from opentelemetry.util._decorator import (
    _AgnosticContextManager,
    _agnosticcontextmanager,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #1ec5971e8205a7a4 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/langfuse/_client/observe.py:22
from opentelemetry.util._decorator import _AgnosticContextManager

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #49941ce0f8d43b11 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/langfuse/_client/propagation.py:23
from opentelemetry import (
    baggage,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #d8e77f2362b40d31 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/langfuse/_client/propagation.py:26
from opentelemetry import (
    baggage as otel_baggage_api,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #0311740aaa692891 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/langfuse/_client/propagation.py:29
from opentelemetry import (
    context as otel_context_api,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #a37aac1a51ba95f5 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/langfuse/_client/propagation.py:32
from opentelemetry import (
    trace as otel_trace_api,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #0555f4e0458b0e8d Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/langfuse/_client/propagation.py:35
from opentelemetry.context import _RUNTIME_CONTEXT

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #c80fe1799036c1c6 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/langfuse/_client/propagation.py:36
from opentelemetry.util._decorator import (
    _AgnosticContextManager,
    _agnosticcontextmanager,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #a617d87f7b20af64 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/langfuse/_client/resource_manager.py:27
from opentelemetry import trace as otel_trace_api

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #7f4eccdd1e3dcf4d Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/langfuse/_client/resource_manager.py:28
from opentelemetry.sdk.resources import Resource

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #278c56fa183a2079 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/langfuse/_client/resource_manager.py:29
from opentelemetry.sdk.trace import ReadableSpan, TracerProvider

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #8ed9d3e90686b71e Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/langfuse/_client/resource_manager.py:30
from opentelemetry.sdk.trace.export import SpanExporter

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #d9fb60415c47a876 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/langfuse/_client/resource_manager.py:31
from opentelemetry.sdk.trace.id_generator import IdGenerator

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #78bfb0b5ebd272e8 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/langfuse/_client/resource_manager.py:32
from opentelemetry.sdk.trace.sampling import Decision, TraceIdRatioBased

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #f3fc5bd14b63cb29 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/langfuse/_client/resource_manager.py:33
from opentelemetry.trace import Tracer

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #5a0de26da628e034 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/langfuse/_client/span.py:30
from opentelemetry import trace as otel_trace_api

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #ded1fe2e8babc230 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/langfuse/_client/span.py:31
from opentelemetry.trace.status import Status, StatusCode

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #3e30cd5dae0382bd Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/langfuse/_client/span.py:32
from opentelemetry.util._decorator import _AgnosticContextManager

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #49dff7340187c64f Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/langfuse/_client/span_exporter.py:7
from opentelemetry.attributes import BoundedAttributes

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #face1bea3bac2c2e Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/langfuse/_client/span_exporter.py:8
from opentelemetry.sdk.trace import ReadableSpan

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #883ec2781063e407 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/langfuse/_client/span_exporter.py:9
from opentelemetry.sdk.trace.export import SpanExporter, SpanExportResult

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #9a107650b8a94129 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/langfuse/_client/span_exporter.py:10
from opentelemetry.sdk.util import BoundedList

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #1c1f961819c3756b Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/langfuse/_client/span_exporter.py:11
from opentelemetry.trace import format_span_id, format_trace_id

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #0a6fd1e9a41e30ee Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/langfuse/_client/span_exporter.py:12
from opentelemetry.util.types import AttributeValue

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #b737b333932365f7 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/langfuse/_client/span_filter.py:7
from opentelemetry.sdk.trace import ReadableSpan

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #fc6de30d733cdad0 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/langfuse/_client/span_processor.py:19
from opentelemetry import context as context_api

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #4337bef746888b37 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/langfuse/_client/span_processor.py:20
from opentelemetry.context import Context

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #e3684d446c2eea8d Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/langfuse/_client/span_processor.py:21
from opentelemetry.exporter.otlp.proto.http.trace_exporter import OTLPSpanExporter

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #adccb2f5a5a74bc7 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/langfuse/_client/span_processor.py:22
from opentelemetry.sdk.trace import ReadableSpan, Span

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #c9f424d330bef2f5 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/langfuse/_client/span_processor.py:23
from opentelemetry.sdk.trace.export import BatchSpanProcessor, SpanExporter

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #141f662708f82f44 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/langfuse/_client/span_processor.py:24
from opentelemetry.trace import format_span_id, format_trace_id

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #9ef149a4bd297502 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/langfuse/_client/utils.py:14
from opentelemetry import trace as otel_trace_api

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #787f32e3644b1229 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/langfuse/_client/utils.py:15
from opentelemetry.sdk import util

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #01429150c153ae04 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/langfuse/_client/utils.py:16
from opentelemetry.sdk.trace import ReadableSpan

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #4c3a0c902b1341a1 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/langfuse/langchain/CallbackHandler.py:19
from opentelemetry import context, trace

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #5dab46b60bbe57ac Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/langfuse/langchain/CallbackHandler.py:20
from opentelemetry.util._decorator import _AgnosticContextManager

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #92eacfa9781d4a26 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/langfuse/types.py:33
from opentelemetry.util.types import AttributeValue

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

expand_more 32 low-confidence finding(s)
low env_fs dependency Excluded from app score #c14b5e0157af898b Environment-variable access.
pkgs/python/[email protected]/langfuse/_client/client.py:317
            or os.environ.get(LANGFUSE_BASE_URL)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #ea97c7e571c14aa8 Environment-variable access.
pkgs/python/[email protected]/langfuse/_client/client.py:319
            or os.environ.get(LANGFUSE_HOST, "https://cloud.langfuse.com")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #806e17140606ed83 Environment-variable access.
pkgs/python/[email protected]/langfuse/_client/client.py:322
            str, os.environ.get(LANGFUSE_TRACING_ENVIRONMENT)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #d3c9824342623bd1 Environment-variable access.
pkgs/python/[email protected]/langfuse/_client/client.py:326
            or os.environ.get(LANGFUSE_RELEASE, None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #3d354dc1d29fb283 Environment-variable access.
pkgs/python/[email protected]/langfuse/_client/client.py:330
        sample_rate = sample_rate or float(os.environ.get(LANGFUSE_SAMPLE_RATE, 1.0))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #e2c45feafeb44c38 Environment-variable access.
pkgs/python/[email protected]/langfuse/_client/client.py:336
        timeout = timeout or int(os.environ.get(LANGFUSE_TIMEOUT, 5))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #8167fb2aca71c177 Environment-variable access.
pkgs/python/[email protected]/langfuse/_client/client.py:340
            and os.environ.get(LANGFUSE_TRACING_ENABLED, "true").lower() != "false"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #972a9ee0804911b2 Environment-variable access.
pkgs/python/[email protected]/langfuse/_client/client.py:348
            debug if debug else (os.getenv(LANGFUSE_DEBUG, "false").lower() == "true")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #40cb6231c3157c73 Environment-variable access.
pkgs/python/[email protected]/langfuse/_client/client.py:356
        public_key = public_key or os.environ.get(LANGFUSE_PUBLIC_KEY)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #907494cebc96f380 Environment-variable access.
pkgs/python/[email protected]/langfuse/_client/client.py:365
        secret_key = secret_key or os.environ.get(LANGFUSE_SECRET_KEY)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #45e67bf00582ac28 Environment-variable access.
pkgs/python/[email protected]/langfuse/_client/client.py:374
        if os.environ.get("OTEL_SDK_DISABLED", "false").lower() == "true":

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #188d4a6d528e5676 Environment-variable access.
pkgs/python/[email protected]/langfuse/_client/observe.py:172
        function_io_capture_enabled = os.environ.get(

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #ae3941e278299dda Environment-variable access.
pkgs/python/[email protected]/langfuse/_client/observe.py:172
        function_io_capture_enabled = os.environ.get(
            LANGFUSE_OBSERVE_DECORATOR_IO_CAPTURE_ENABLED, "True"
        ).lower() not in ("false", "0")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #e45a79498923c39c Environment-variable access.
pkgs/python/[email protected]/langfuse/_client/resource_manager.py:231
        self._media_upload_enabled = os.environ.get(

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #a13f7a88454548c3 Environment-variable access.
pkgs/python/[email protected]/langfuse/_client/resource_manager.py:231
        self._media_upload_enabled = os.environ.get(
            LANGFUSE_MEDIA_UPLOAD_ENABLED, "True"
        ).lower() not in ("false", "0")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #44a13a25e40ee934 Environment-variable access.
pkgs/python/[email protected]/langfuse/_client/resource_manager.py:236
            int(os.getenv(LANGFUSE_MEDIA_UPLOAD_THREAD_COUNT, 1)), 1

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #5914fa392052eec2 Environment-variable access.
pkgs/python/[email protected]/langfuse/_client/resource_manager.py:434
            os.environ["no_proxy"] = "*"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #373dd32de7785c27 Environment-variable access.
pkgs/python/[email protected]/langfuse/_client/resource_manager.py:435
            os.environ["NO_PROXY"] = "*"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #2fd8d3493424cf14 Environment-variable access.
pkgs/python/[email protected]/langfuse/_client/resource_manager.py:631
    environment = environment or os.environ.get(LANGFUSE_TRACING_ENVIRONMENT)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #d5b068870175ca6d Environment-variable access.
pkgs/python/[email protected]/langfuse/_client/resource_manager.py:632
    release = release or os.environ.get(LANGFUSE_RELEASE) or get_common_release_envs()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #26adb9c76b11df49 Environment-variable access.
pkgs/python/[email protected]/langfuse/_client/span_processor.py:89
        env_flush_at = os.environ.get(LANGFUSE_FLUSH_AT, None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #83da0287aa042d64 Environment-variable access.
pkgs/python/[email protected]/langfuse/_client/span_processor.py:93
        env_flush_interval = os.environ.get(LANGFUSE_FLUSH_INTERVAL, None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #3492b605a3a61ad2 Environment-variable access.
pkgs/python/[email protected]/langfuse/_client/span_processor.py:113
            traces_export_path = os.environ.get(LANGFUSE_OTEL_TRACES_EXPORT_PATH, None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #7aed247a04530560 Environment-variable access.
pkgs/python/[email protected]/langfuse/_task_manager/media_manager.py:45
        self._enabled = os.environ.get(

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #af1ff2eef5f74955 Environment-variable access.
pkgs/python/[email protected]/langfuse/_task_manager/media_manager.py:45
        self._enabled = os.environ.get(
            LANGFUSE_MEDIA_UPLOAD_ENABLED, "True"
        ).lower() not in ("false", "0")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #d3eafffa897aac50 Environment-variable access.
pkgs/python/[email protected]/langfuse/_task_manager/score_ingestion_consumer.py:18
MAX_EVENT_SIZE_BYTES = int(os.environ.get("LANGFUSE_MAX_EVENT_SIZE_BYTES", 1_000_000))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #c5aad2afe46d9317 Environment-variable access.
pkgs/python/[email protected]/langfuse/_task_manager/score_ingestion_consumer.py:19
MAX_BATCH_SIZE_BYTES = int(os.environ.get("LANGFUSE_MAX_BATCH_SIZE_BYTES", 2_500_000))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #fec8a7e7654e510a Environment-variable access.
pkgs/python/[email protected]/langfuse/_utils/environment.py:32
        if env in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #4f7307f544b88fb4 Environment-variable access.
pkgs/python/[email protected]/langfuse/_utils/environment.py:33
            return os.environ[env]

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #54b497c9c9cd1ed6 Environment-variable access.
pkgs/python/[email protected]/langfuse/_utils/prompt_cache.py:17
    os.getenv(LANGFUSE_PROMPT_CACHE_DEFAULT_TTL_SECONDS, 60)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #fd2641f3b0e30b50 Filesystem access.
pkgs/python/[email protected]/langfuse/media.py:178
            with open(file_path, "rb") as file:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #5def71c343656aa1 Environment-variable access.
pkgs/python/[email protected]/langfuse/openai.py:1213
    if os.environ.get(LANGFUSE_OPENAI_SKIP_RAW_RESPONSES, "False").lower() in (

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

opentelemetry-instrumentation-requests

python dependency
medium telemetry dependency Excluded from app score #73dee2d5ddbaf41b Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/instrumentation/requests/__init__.py:185
from opentelemetry.instrumentation._semconv import (
    HTTP_DURATION_HISTOGRAM_BUCKETS_NEW,
    HTTP_DURATION_HISTOGRAM_BUCKETS_OLD,
    _client_duration_attrs_new,
    _client_duration_attrs_old,
    _filter_semconv_duration_attrs,
    _get_schema_url,
    _OpenTelemetrySemanticConventionStability,
    _OpenTelemetryStabilitySignalType,
    _report_new,
    _report_old,
    _set_http_host_client,
    _set_http_method,
    _set_http_net_peer_name_client,
    _set_http_network_protocol_version,
    _set_http_peer_port_client,
    _set_http_scheme,
    _set_http_url,
    _set_status,
    _StabilityMode,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #7eb066ca0c3475ea Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/instrumentation/requests/__init__.py:206
from opentelemetry.instrumentation.instrumentor import BaseInstrumentor

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #a0f8ce9eaf0cdd16 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/instrumentation/requests/__init__.py:207
from opentelemetry.instrumentation.requests.package import _instruments

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #09948dd377298b23 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/instrumentation/requests/__init__.py:208
from opentelemetry.instrumentation.requests.version import __version__

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #2eb32fec5ab064da Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/instrumentation/requests/__init__.py:209
from opentelemetry.instrumentation.utils import (
    is_http_instrumentation_enabled,
    suppress_http_instrumentation,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #4d69cbe1d8b08c38 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/instrumentation/requests/__init__.py:213
from opentelemetry.metrics import Histogram, get_meter

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #f0c79036ad0498ed Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/instrumentation/requests/__init__.py:214
from opentelemetry.propagate import inject

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #e3607b1f89b5f7a0 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/instrumentation/requests/__init__.py:215
from opentelemetry.semconv._incubating.attributes.user_agent_attributes import (
    USER_AGENT_SYNTHETIC_TYPE,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #918da78a5d49de7a Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/instrumentation/requests/__init__.py:218
from opentelemetry.semconv.attributes.error_attributes import ERROR_TYPE

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #55f9399bd23d491d Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/instrumentation/requests/__init__.py:219
from opentelemetry.semconv.attributes.network_attributes import (
    NETWORK_PEER_ADDRESS,
    NETWORK_PEER_PORT,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #c2b2818f21a78280 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/instrumentation/requests/__init__.py:223
from opentelemetry.semconv.attributes.user_agent_attributes import (
    USER_AGENT_ORIGINAL,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #b4679676e81c17d4 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/instrumentation/requests/__init__.py:226
from opentelemetry.semconv.metrics import MetricInstruments

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #bb44ca25008ca6d0 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/instrumentation/requests/__init__.py:227
from opentelemetry.semconv.metrics.http_metrics import (
    HTTP_CLIENT_REQUEST_DURATION,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #04572d3efb9379d4 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/instrumentation/requests/__init__.py:230
from opentelemetry.trace import SpanKind, Tracer, get_tracer

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #5524a33ccb925bdb Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/instrumentation/requests/__init__.py:231
from opentelemetry.trace.span import Span

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #e51f7f0a862737fa Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/instrumentation/requests/__init__.py:232
from opentelemetry.util.http import (
    OTEL_INSTRUMENTATION_HTTP_CAPTURE_HEADERS_CLIENT_REQUEST,
    OTEL_INSTRUMENTATION_HTTP_CAPTURE_HEADERS_CLIENT_RESPONSE,
    OTEL_INSTRUMENTATION_HTTP_CAPTURE_HEADERS_SANITIZE_FIELDS,
    ExcludeList,
    detect_synthetic_user_agent,
    get_custom_header_attributes,
    get_custom_headers,
    get_excluded_urls,
    normalise_request_header_name,
    normalise_response_header_name,
    normalize_user_agent,
    parse_excluded_urls,
    redact_url,
    sanitize_method,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #a9c0d970fce2de68 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/instrumentation/requests/__init__.py:248
from opentelemetry.util.http.httplib import set_ip_on_next_http_connection

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

opentelemetry-instrumentation-urllib3

python dependency
medium telemetry dependency Excluded from app score #e63f284de49b40ab Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/instrumentation/urllib3/__init__.py:187
from opentelemetry.instrumentation._semconv import (
    HTTP_DURATION_HISTOGRAM_BUCKETS_NEW,
    _client_duration_attrs_new,
    _client_duration_attrs_old,
    _filter_semconv_duration_attrs,
    _get_schema_url,
    _OpenTelemetrySemanticConventionStability,
    _OpenTelemetryStabilitySignalType,
    _report_new,
    _report_old,
    _set_http_host_client,
    _set_http_method,
    _set_http_net_peer_name_client,
    _set_http_network_protocol_version,
    _set_http_peer_port_client,
    _set_http_scheme,
    _set_http_url,
    _set_status,
    _StabilityMode,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #9dfe5a34b852bc8a Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/instrumentation/urllib3/__init__.py:207
from opentelemetry.instrumentation.instrumentor import BaseInstrumentor

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #7eae4cde6847d659 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/instrumentation/urllib3/__init__.py:208
from opentelemetry.instrumentation.urllib3.package import _instruments

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #374049394d707e81 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/instrumentation/urllib3/__init__.py:209
from opentelemetry.instrumentation.urllib3.version import __version__

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #4ff71e489b5f149b Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/instrumentation/urllib3/__init__.py:210
from opentelemetry.instrumentation.utils import (
    is_http_instrumentation_enabled,
    suppress_http_instrumentation,
    unwrap,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #5f4b85fc5b44dfea Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/instrumentation/urllib3/__init__.py:215
from opentelemetry.metrics import Histogram, get_meter

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #fbee9c63eed76a71 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/instrumentation/urllib3/__init__.py:216
from opentelemetry.propagate import inject

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #7a36d598d8930633 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/instrumentation/urllib3/__init__.py:217
from opentelemetry.semconv._incubating.metrics.http_metrics import (
    create_http_client_request_body_size,
    create_http_client_response_body_size,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #2992053ef722934e Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/instrumentation/urllib3/__init__.py:221
from opentelemetry.semconv.metrics import MetricInstruments

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #f8f6d15e6443977d Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/instrumentation/urllib3/__init__.py:222
from opentelemetry.semconv.metrics.http_metrics import (
    HTTP_CLIENT_REQUEST_DURATION,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #b68eeecda4a0bd38 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/instrumentation/urllib3/__init__.py:225
from opentelemetry.trace import Span, SpanKind, Tracer, get_tracer

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #9fb4fa92203368be Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/instrumentation/urllib3/__init__.py:226
from opentelemetry.util.http import (
    OTEL_INSTRUMENTATION_HTTP_CAPTURE_HEADERS_CLIENT_REQUEST,
    OTEL_INSTRUMENTATION_HTTP_CAPTURE_HEADERS_CLIENT_RESPONSE,
    OTEL_INSTRUMENTATION_HTTP_CAPTURE_HEADERS_SANITIZE_FIELDS,
    ExcludeList,
    get_custom_header_attributes,
    get_custom_headers,
    get_excluded_urls,
    normalise_request_header_name,
    normalise_response_header_name,
    parse_excluded_urls,
    sanitize_method,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #191d0e0e92980f9c Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/instrumentation/urllib3/__init__.py:239
from opentelemetry.util.http.httplib import set_ip_on_next_http_connection

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

couchbase

python dependency
medium telemetry dependency Excluded from app score #64da7b4d26b06a3f Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/couchbase/observability/otel_metrics.py:28
    from opentelemetry import metrics as otel_metrics

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #5ac42e4546e3fe53 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/couchbase/observability/otel_metrics.py:29
    from opentelemetry.metrics import MeterProvider

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #cc42d25bdf3c5a9a Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/couchbase/observability/otel_metrics.py:32
    from opentelemetry import metrics as otel_metrics  # noqa: F811

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #0b5c256bb03794d0 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/couchbase/observability/otel_tracing.py:29
    from opentelemetry import trace as otel_trace

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #3631f9dfdff09835 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/couchbase/observability/otel_tracing.py:30
    from opentelemetry.trace import TracerProvider

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #d4e8d077f1caf651 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/couchbase/observability/otel_tracing.py:33
    from opentelemetry import trace as otel_trace  # noqa: F811

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #fe70ca47d91564e1 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/couchbase/observability/otel_tracing.py:34
    from opentelemetry.context import Context

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #1ef3e97e4350d198 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/couchbase/observability/otel_tracing.py:35
    from opentelemetry.trace import SpanKind

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #7986514bad419e6f Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/couchbase/observability/otel_tracing.py:36
    from opentelemetry.trace.status import Status as OtelStatus

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #5e9a30eff106ff83 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/couchbase/observability/otel_tracing.py:37
    from opentelemetry.trace.status import StatusCode as OtelStatusCode

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #b046e217018fcf96 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/couchbase/otel_tracer.py:19
from opentelemetry.trace import (Span,
                                 Tracer,
                                 set_span_in_context)

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

expand_more 30 low-confidence finding(s)
low env_fs dependency Excluded from app score #197d3690f27c73c8 Environment-variable access.
pkgs/python/[email protected]/couchbase/__init__.py:28
        open_ssl_dir = os.getenv('PYCBC_OPENSSL_DIR')

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #b982e18024839786 Environment-variable access.
pkgs/python/[email protected]/couchbase/logic/logging_config.py:162
    log_level = os.getenv('PYCBC_LOG_LEVEL', None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #af2b956aa6854427 Environment-variable access.
pkgs/python/[email protected]/couchbase/logic/logging_config.py:164
        log_file = os.getenv('PYCBC_LOG_FILE', None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #2d2019e701d19865 Environment-variable access.
pkgs/python/[email protected]/couchbase/logic/logging_config.py:166
            enable_console_logging = 0 if os.getenv('PYCBC_ENABLE_CONSOLE', None) is None else 1

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #e8b5f11174ab7aa5 Filesystem access.
pkgs/python/[email protected]/couchbase_version.py:108
    fp = open(VERSION_FILE, "r")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #3da50a453944585c Filesystem access.
pkgs/python/[email protected]/couchbase_version.py:172
    with open(VERSION_FILE, "w") as fp:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #ca9bfde8f85c2735 Environment-variable access.
pkgs/python/[email protected]/pycbc_build_setup.py:36
CMAKE_EXE = os.environ.get('CMAKE_EXE', shutil.which('cmake'))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #dbbafd411fa5c06e Environment-variable access.
pkgs/python/[email protected]/pycbc_build_setup.py:42
CXXCBC_CACHE_DIR = os.environ.get('PYCBC_CXXCBC_CACHE_DIR', os.path.join(PYCBC_ROOT, 'deps', 'couchbase-cxx-cache'))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #dfd862ec00c97484 Environment-variable access.
pkgs/python/[email protected]/pycbc_build_setup.py:55
    build_type = os.getenv('PYCBC_BUILD_TYPE', 'Release')

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #34f5a63e24dc747c Environment-variable access.
pkgs/python/[email protected]/pycbc_build_setup.py:60
            c_flags = os.getenv('CFLAGS', '')

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f52ec69ef5187d28 Environment-variable access.
pkgs/python/[email protected]/pycbc_build_setup.py:61
            cxx_flags = os.getenv('CXXFLAGS', '')

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #37fc30bd0f7244ed Environment-variable access.
pkgs/python/[email protected]/pycbc_build_setup.py:62
            os.environ['CFLAGS'] = f'{c_flags} {debug_flags}'

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #362944cf15690da8 Environment-variable access.
pkgs/python/[email protected]/pycbc_build_setup.py:63
            os.environ['CXXFLAGS'] = f'{cxx_flags} {debug_flags}'

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #b7ecc612d391a933 Environment-variable access.
pkgs/python/[email protected]/pycbc_build_setup.py:64
    os.environ['PYCBC_BUILD_TYPE'] = build_type

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #3a675e531bdeb7f0 Environment-variable access.
pkgs/python/[email protected]/pycbc_build_setup.py:68
    ssl_dir = os.getenv('PYCBC_OPENSSL_DIR', None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #5007a2e6ae74b82f Environment-variable access.
pkgs/python/[email protected]/pycbc_build_setup.py:73
    pycbc_use_openssl = os.getenv('PYCBC_USE_OPENSSL', 'true').lower() in ENV_TRUE

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #36b51ea45dcb34c8 Environment-variable access.
pkgs/python/[email protected]/pycbc_build_setup.py:74
    pycbc_use_opensslv1_1 = os.getenv('PYCBC_USE_OPENSSLV1_1', 'false').lower() in ENV_TRUE

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #59ca284c8e7d3531 Environment-variable access.
pkgs/python/[email protected]/pycbc_build_setup.py:77
        ssl_version = os.getenv('PYCBC_OPENSSL_VERSION', None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #57504a5e345a4ca2 Environment-variable access.
pkgs/python/[email protected]/pycbc_build_setup.py:92
    use_static_stdlib = os.getenv('PYCBC_USE_STATIC_STDLIB', 'false').lower() in ENV_TRUE

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #709ad4f44795ea67 Environment-variable access.
pkgs/python/[email protected]/pycbc_build_setup.py:100
    download_mozilla_ca_bundle = os.getenv('PYCBC_DOWNLOAD_MOZILLA_CA_BUNDLE', None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #bc518da758f01ada Environment-variable access.
pkgs/python/[email protected]/pycbc_build_setup.py:107
    sanitizers = os.getenv('PYCBC_SANITIZERS', None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #2e9bd357ec7e095e Environment-variable access.
pkgs/python/[email protected]/pycbc_build_setup.py:112
    if os.getenv('PYCBC_VERBOSE_MAKEFILE', None):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #e7eaca4a4e25febd Environment-variable access.
pkgs/python/[email protected]/pycbc_build_setup.py:115
    pycbc_cmake_system_version = os.getenv('PYCBC_CMAKE_SYSTEM_VERSION', None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #184a353deef36a9a Environment-variable access.
pkgs/python/[email protected]/pycbc_build_setup.py:119
    pycbc_tls_key_log_file = os.getenv('PYCBC_TLS_KEY_LOG_FILE', None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #05db3625eb8da19c Environment-variable access.
pkgs/python/[email protected]/pycbc_build_setup.py:124
    os.environ['CMAKE_COMMON_VARIABLES'] = ' '.join(cmake_extra_args)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #0947dd19a8492926 Environment-variable access.
pkgs/python/[email protected]/pycbc_build_setup.py:141
        env = os.environ.copy()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #67fb2bbbaede49f2 Environment-variable access.
pkgs/python/[email protected]/pycbc_build_setup.py:154
                os.environ.get('CMAKE_COMMON_VARIABLES', '').split(' ')

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #b2d070d72990eb30 Environment-variable access.
pkgs/python/[email protected]/pycbc_build_setup.py:258
        set_cpm_cache = os.environ.get('PYCBC_SET_CPM_CACHE', 'true').lower() in ENV_TRUE

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #3178db06148bad99 Environment-variable access.
pkgs/python/[email protected]/pycbc_build_setup.py:352
        env = os.environ.copy()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #86a00aea540e206c Filesystem access.
pkgs/python/[email protected]/setup.py:82
      long_description=open(PYCBC_README, "r").read(),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

opentelemetry-instrumentation-fastapi

python dependency
medium telemetry dependency Excluded from app score #88f0af3b70b19306 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/instrumentation/fastapi/__init__.py:195
from opentelemetry.instrumentation._semconv import (
    _get_schema_url,
    _OpenTelemetrySemanticConventionStability,
    _OpenTelemetryStabilitySignalType,
    _StabilityMode,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #9fa2c1610ce5ce5a Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/instrumentation/fastapi/__init__.py:201
from opentelemetry.instrumentation.asgi import OpenTelemetryMiddleware

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #ce1e24011a3fec6d Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/instrumentation/fastapi/__init__.py:202
from opentelemetry.instrumentation.asgi.types import (
    ClientRequestHook,
    ClientResponseHook,
    ServerRequestHook,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #b75450592ed0d4cb Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/instrumentation/fastapi/__init__.py:207
from opentelemetry.instrumentation.fastapi.package import _instruments

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #240926de74dbfa89 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/instrumentation/fastapi/__init__.py:208
from opentelemetry.instrumentation.fastapi.version import __version__

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #74e37a8b211727f0 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/instrumentation/fastapi/__init__.py:209
from opentelemetry.instrumentation.instrumentor import BaseInstrumentor

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #28ecce64f669bc83 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/instrumentation/fastapi/__init__.py:210
from opentelemetry.metrics import MeterProvider, get_meter

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #f0bb9d13a04eaeff Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/instrumentation/fastapi/__init__.py:211
from opentelemetry.semconv.attributes.http_attributes import HTTP_ROUTE

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #2fce94ece7a68d8a Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/instrumentation/fastapi/__init__.py:212
from opentelemetry.trace import TracerProvider, get_current_span, get_tracer

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #5fb9f8971e7f3d51 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/instrumentation/fastapi/__init__.py:213
from opentelemetry.trace.status import Status, StatusCode

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #e10c035c25cd040f Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/instrumentation/fastapi/__init__.py:214
from opentelemetry.util.http import (
    get_excluded_urls,
    parse_excluded_urls,
    sanitize_method,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

chromadb

python dependency
medium telemetry dependency Excluded from app score #2d6065276375d99e Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/chromadb/execution/executor/distributed.py:22
from opentelemetry.trace import Span

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #9b5ee90b61645a45 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/chromadb/proto/utils.py:4
from opentelemetry.trace import Span

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #c60a7b8a50961932 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/chromadb/server/fastapi/__init__.py:77
from opentelemetry import trace

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #0d30ed7abda5636d Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/chromadb/telemetry/opentelemetry/__init__.py:7
from opentelemetry import trace

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #f6ea10b8ef91bbce Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/chromadb/telemetry/opentelemetry/__init__.py:8
from opentelemetry.sdk.resources import SERVICE_NAME, Resource

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #12b4088a20645127 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/chromadb/telemetry/opentelemetry/__init__.py:9
from opentelemetry.sdk.trace import TracerProvider

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #b52fdc83091b24a8 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/chromadb/telemetry/opentelemetry/__init__.py:10
from opentelemetry.sdk.trace.export import (
    BatchSpanProcessor,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #6cf0f02d34d0fb67 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/chromadb/telemetry/opentelemetry/__init__.py:13
from opentelemetry.exporter.otlp.proto.grpc.trace_exporter import OTLPSpanExporter

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #ea264305093d5468 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/chromadb/telemetry/opentelemetry/fastapi.py:3
from opentelemetry.instrumentation.fastapi import FastAPIInstrumentor

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #a88a0219b82fa92d Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/chromadb/telemetry/opentelemetry/grpc.py:5
from opentelemetry.trace import StatusCode, SpanKind

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

expand_more 54 low-confidence finding(s)
low env_fs dependency Excluded from app score #6c74c45caebcd1c4 Environment-variable access.
pkgs/python/[email protected]/chromadb/__init__.py:407
            arg.value = arg.value or os.environ.get(arg.env_var)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #a5993d00b8a13fb2 Environment-variable access.
pkgs/python/[email protected]/chromadb/__init__.py:420
    tenant = tenant or os.environ.get("CHROMA_TENANT")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #64a9d976533dda57 Environment-variable access.
pkgs/python/[email protected]/chromadb/__init__.py:423
    database = database or os.environ.get("CHROMA_DATABASE")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #8066a6dd025d889d Filesystem access.
pkgs/python/[email protected]/chromadb/auth/__init__.py:124
            with open(_creds_file, "r") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #61a65bd90160ee4f Filesystem access.
pkgs/python/[email protected]/chromadb/auth/__init__.py:235
            with open(_config_file, "r") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress dependency Excluded from app score #e8eff52136fffb6f Hardcoded external endpoint. Review what data is sent to this destination.
pkgs/python/[email protected]/chromadb/cli/cli.py:25
        response = requests.get(url)

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs dependency Excluded from app score #5af724d319edc13c Filesystem access.
pkgs/python/[email protected]/chromadb/cli/utils.py:12
    with open(f"{log_config_path}", "r") as file:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #c933b876a9abe907 Filesystem access.
pkgs/python/[email protected]/chromadb/db/migrations.py:256
    sql = file["path"].read_text()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #71e08e924b356e89 Filesystem access.
pkgs/python/[email protected]/chromadb/segment/impl/vector/local_persistent_hnsw.py:74
        with open(filename, "rb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #a728774944d880ad Filesystem access.
pkgs/python/[email protected]/chromadb/segment/impl/vector/local_persistent_hnsw.py:255
        with open(self._get_metadata_file(), "wb") as metadata_file:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #e639b2f9ea99416d Environment-variable access.
pkgs/python/[email protected]/chromadb/telemetry/opentelemetry/__init__.py:139
                        {"pod_name": os.environ.get("HOSTNAME")}

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #5e3330ff8ec8e9b7 Environment-variable access.
pkgs/python/[email protected]/chromadb/telemetry/opentelemetry/__init__.py:155
                        {"pod_name": os.environ.get("HOSTNAME")}

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #d198976b614f2e94 Filesystem access.
pkgs/python/[email protected]/chromadb/telemetry/product/__init__.py:88
                with open(self.USER_ID_PATH, "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #e7a6558a4a1c45ae Filesystem access.
pkgs/python/[email protected]/chromadb/telemetry/product/__init__.py:93
                with open(self.USER_ID_PATH, "r") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #22dbf66dcdff4ccb Environment-variable access.
pkgs/python/[email protected]/chromadb/telemetry/product/events.py:20
        self.is_cli = os.environ.get("CHROMA_CLI", "False") == "True"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #356b80c78bec3854 Environment-variable access.
pkgs/python/[email protected]/chromadb/utils/embedding_functions/baseten_embedding_function.py:39
        if os.getenv("BASETEN_API_KEY") is not None:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #706f770ddb507aab Environment-variable access.
pkgs/python/[email protected]/chromadb/utils/embedding_functions/baseten_embedding_function.py:45
        resolved_api_key = api_key or os.getenv(self.api_key_env_var)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #0717ee42f98fe27a Environment-variable access.
pkgs/python/[email protected]/chromadb/utils/embedding_functions/chroma_cloud_qwen_embedding_function.py:61
        self.api_key = os.getenv(api_key_env_var)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #80dfb101913d6251 Environment-variable access.
pkgs/python/[email protected]/chromadb/utils/embedding_functions/chroma_cloud_splade_embedding_function.py:42
        self.api_key = os.getenv(self.api_key_env_var)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #e76e67f890745449 Environment-variable access.
pkgs/python/[email protected]/chromadb/utils/embedding_functions/cloudflare_workers_ai_embedding_function.py:57
        if os.getenv("CLOUDFLARE_API_KEY") is not None:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #3a3de486422759b2 Environment-variable access.
pkgs/python/[email protected]/chromadb/utils/embedding_functions/cloudflare_workers_ai_embedding_function.py:62
        self.api_key = api_key or os.getenv(self.api_key_env_var)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #6a7d632131628ebe Environment-variable access.
pkgs/python/[email protected]/chromadb/utils/embedding_functions/cohere_embedding_function.py:46
        if os.getenv("COHERE_API_KEY") is not None:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #81e06b6bc38b85bf Environment-variable access.
pkgs/python/[email protected]/chromadb/utils/embedding_functions/cohere_embedding_function.py:51
        self.api_key = api_key or os.getenv(self.api_key_env_var)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f1450226b759db71 Environment-variable access.
pkgs/python/[email protected]/chromadb/utils/embedding_functions/google_embedding_function.py:57
        self.api_key = os.getenv(self.api_key_env_var) if self.api_key_env_var else None

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #eec6f1e1a39f4fed Environment-variable access.
pkgs/python/[email protected]/chromadb/utils/embedding_functions/google_embedding_function.py:251
        if os.getenv("GOOGLE_API_KEY") is not None:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #4ddafb97ab0f73e0 Environment-variable access.
pkgs/python/[email protected]/chromadb/utils/embedding_functions/google_embedding_function.py:256
        self.api_key = api_key or os.getenv(self.api_key_env_var)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #59dc316b66be041a Environment-variable access.
pkgs/python/[email protected]/chromadb/utils/embedding_functions/google_embedding_function.py:401
        if os.getenv("GOOGLE_API_KEY") is not None:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #650028b29c64594a Environment-variable access.
pkgs/python/[email protected]/chromadb/utils/embedding_functions/google_embedding_function.py:406
        self.api_key = api_key or os.getenv(self.api_key_env_var)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #8f351d5a76ee28f8 Environment-variable access.
pkgs/python/[email protected]/chromadb/utils/embedding_functions/google_embedding_function.py:529
        if os.getenv("GOOGLE_API_KEY") is not None:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #25c6638b44b4897f Environment-variable access.
pkgs/python/[email protected]/chromadb/utils/embedding_functions/google_embedding_function.py:534
        self.api_key = api_key or os.getenv(self.api_key_env_var)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f8c0dab5d215a043 Environment-variable access.
pkgs/python/[email protected]/chromadb/utils/embedding_functions/huggingface_embedding_function.py:43
        if os.getenv("HUGGINGFACE_API_KEY") is not None:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #4d01dab7a7e5e298 Environment-variable access.
pkgs/python/[email protected]/chromadb/utils/embedding_functions/huggingface_embedding_function.py:48
        self.api_key = api_key or os.getenv(self.api_key_env_var)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #4c3a397484add0b0 Environment-variable access.
pkgs/python/[email protected]/chromadb/utils/embedding_functions/huggingface_embedding_function.py:169
        if os.getenv("HUGGINGFACE_API_KEY") is not None:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #019a97376ab442d4 Environment-variable access.
pkgs/python/[email protected]/chromadb/utils/embedding_functions/huggingface_embedding_function.py:173
            self.api_key = api_key or os.getenv(self.api_key_env_var)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #b87cd45fb3f74bd4 Environment-variable access.
pkgs/python/[email protected]/chromadb/utils/embedding_functions/jina_embedding_function.py:84
        if os.getenv("JINA_API_KEY") is not None:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #3df529b33a2d6849 Environment-variable access.
pkgs/python/[email protected]/chromadb/utils/embedding_functions/jina_embedding_function.py:89
        self.api_key = api_key or os.getenv(self.api_key_env_var)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #18af22535765a178 Environment-variable access.
pkgs/python/[email protected]/chromadb/utils/embedding_functions/mistral_embedding_function.py:29
        self.api_key = os.getenv(api_key_env_var)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #1c8bd73b14cf37c7 Environment-variable access.
pkgs/python/[email protected]/chromadb/utils/embedding_functions/morph_embedding_function.py:49
        self.api_key = api_key or os.getenv(api_key_env_var)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #5278e02bf8cdfbb5 Environment-variable access.
pkgs/python/[email protected]/chromadb/utils/embedding_functions/nomic_embedding_function.py:50
        self.api_key = os.getenv(api_key_env_var)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #3bbf82b1d0bcf817 Filesystem access.
pkgs/python/[email protected]/chromadb/utils/embedding_functions/onnx_mini_lm_l6_v2.py:24
    with open(fname, "rb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #41c452b7feca55a5 Filesystem access.
pkgs/python/[email protected]/chromadb/utils/embedding_functions/onnx_mini_lm_l6_v2.py:109
            with open(fname, "wb") as file, self.tqdm(

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f9c4a50e47887687 Environment-variable access.
pkgs/python/[email protected]/chromadb/utils/embedding_functions/openai_embedding_function.py:60
        if os.getenv("OPENAI_API_KEY") is not None:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #cbb2ddec4bb6baa7 Environment-variable access.
pkgs/python/[email protected]/chromadb/utils/embedding_functions/openai_embedding_function.py:65
        self.api_key = api_key or os.getenv(self.api_key_env_var)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #ee3a04d456c750ad Environment-variable access.
pkgs/python/[email protected]/chromadb/utils/embedding_functions/perplexity_embedding_function.py:52
        if os.getenv("PERPLEXITY_API_KEY") is not None:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #e995c9a23828bca4 Environment-variable access.
pkgs/python/[email protected]/chromadb/utils/embedding_functions/perplexity_embedding_function.py:57
        self.api_key = api_key or os.getenv(self.api_key_env_var)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #05e9fec73978fff8 Environment-variable access.
pkgs/python/[email protected]/chromadb/utils/embedding_functions/roboflow_embedding_function.py:48
        if os.getenv("ROBOFLOW_API_KEY") is not None:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #1699c4ff248b5b41 Environment-variable access.
pkgs/python/[email protected]/chromadb/utils/embedding_functions/roboflow_embedding_function.py:53
        self.api_key = api_key or os.getenv(self.api_key_env_var)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #fc6d61a0928e384d Filesystem access.
pkgs/python/[email protected]/chromadb/utils/embedding_functions/schemas/registry.py:38
        with open(schema_path, "r") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #46a0171ab6021783 Filesystem access.
pkgs/python/[email protected]/chromadb/utils/embedding_functions/schemas/schema_utils.py:36
    with open(schema_path, "r") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f839f437498b1650 Environment-variable access.
pkgs/python/[email protected]/chromadb/utils/embedding_functions/together_ai_embedding_function.py:52
        if os.getenv("TOGETHER_API_KEY") is not None:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #a8f52740ac9afe21 Environment-variable access.
pkgs/python/[email protected]/chromadb/utils/embedding_functions/together_ai_embedding_function.py:57
        self.api_key = api_key or os.getenv(self.api_key_env_var)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #28340f29e879b27d Environment-variable access.
pkgs/python/[email protected]/chromadb/utils/embedding_functions/utils.py:11
    return (os.environ.get("CHROMA_EMBED_URL") or DEFAULT_CHROMA_EMBED_URL).rstrip("/")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #ce87a85964bed3ac Environment-variable access.
pkgs/python/[email protected]/chromadb/utils/embedding_functions/voyageai_embedding_function.py:50
        if os.getenv("VOYAGE_API_KEY") is not None:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #cc4ab618c3a92539 Environment-variable access.
pkgs/python/[email protected]/chromadb/utils/embedding_functions/voyageai_embedding_function.py:55
        self.api_key = api_key or os.getenv(self.api_key_env_var)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

arize-phoenix-otel

python dependency
medium telemetry dependency Excluded from app score #cba16448788af127 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/phoenix/otel/__init__.py:15
from opentelemetry.sdk.resources import Resource

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #4a7bcbc7e6c8d67d Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/phoenix/otel/otel.py:12
from opentelemetry import trace as trace_api

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #448c2495d2706852 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/phoenix/otel/otel.py:13
from opentelemetry.exporter.otlp.proto.grpc.trace_exporter import (
    OTLPSpanExporter as _GRPCSpanExporter,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #505f803653d57c33 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/phoenix/otel/otel.py:16
from opentelemetry.exporter.otlp.proto.http.trace_exporter import (
    OTLPSpanExporter as _HTTPSpanExporter,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #e04cd3b7b7308cbf Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/phoenix/otel/otel.py:19
from opentelemetry.sdk.resources import Resource

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #04dc07d25cda1696 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/phoenix/otel/otel.py:20
from opentelemetry.sdk.trace import SpanProcessor

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #10a49826f2ad719c Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/phoenix/otel/otel.py:21
from opentelemetry.sdk.trace.export import BatchSpanProcessor as _BatchSpanProcessor

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #c331c962d3287c85 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/phoenix/otel/otel.py:22
from opentelemetry.sdk.trace.export import SimpleSpanProcessor as _SimpleSpanProcessor

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #355e61154eb97aee Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/phoenix/otel/otel.py:23
from opentelemetry.sdk.trace.export import SpanExporter

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

expand_more 5 low-confidence finding(s)
low env_fs dependency Excluded from app score #3a2c37ed818a4b46 Environment-variable access.
pkgs/python/[email protected]/src/phoenix/otel/settings.py:34
    return os.getenv(ENV_PHOENIX_COLLECTOR_ENDPOINT) or os.getenv(ENV_OTEL_EXPORTER_OTLP_ENDPOINT)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #5a224ea4431e4a8e Environment-variable access.
pkgs/python/[email protected]/src/phoenix/otel/settings.py:44
    return os.getenv(ENV_PHOENIX_PROJECT_NAME, "default")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #9a77c66ffb3ecde9 Environment-variable access.
pkgs/python/[email protected]/src/phoenix/otel/settings.py:57
    if headers_str := os.getenv(ENV_PHOENIX_CLIENT_HEADERS):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #1388dde4cdd3ccde Environment-variable access.
pkgs/python/[email protected]/src/phoenix/otel/settings.py:72
    api_key = os.environ.get(ENV_PHOENIX_API_KEY)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #c3c8e5b1bdd8961a Environment-variable access.
pkgs/python/[email protected]/src/phoenix/otel/settings.py:92
    if not (port := os.getenv(ENV_PHOENIX_GRPC_PORT)):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

opentelemetry-exporter-prometheus

python dependency
medium telemetry dependency Excluded from app score #1f0042aeee642ee6 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/exporter/prometheus/__init__.py:75
from opentelemetry.exporter.prometheus._mapping import (
    map_unit,
    sanitize_attribute,
    sanitize_full_name,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #a4a1624d8b4a7c1b Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/exporter/prometheus/__init__.py:80
from opentelemetry.sdk.environment_variables import (
    OTEL_EXPORTER_PROMETHEUS_HOST,
    OTEL_EXPORTER_PROMETHEUS_PORT,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #7c48ef89496d8d77 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/exporter/prometheus/__init__.py:84
from opentelemetry.sdk.metrics import (
    Counter,
    ObservableCounter,
    ObservableGauge,
    ObservableUpDownCounter,
    UpDownCounter,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #03ca3fbd2827b6b0 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/exporter/prometheus/__init__.py:91
from opentelemetry.sdk.metrics import Histogram as HistogramInstrument

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #fd501845d6c30b8a Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/exporter/prometheus/__init__.py:92
from opentelemetry.sdk.metrics.export import (
    AggregationTemporality,
    DataT,
    Gauge,
    Histogram,
    HistogramDataPoint,
    Metric,
    MetricReader,
    MetricsData,
    Sum,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #aa8f5f6048b7ca57 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/exporter/prometheus/__init__.py:103
from opentelemetry.sdk.util.instrumentation import InstrumentationScope

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #49ba7bd789dcd15b Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/exporter/prometheus/__init__.py:104
from opentelemetry.semconv._incubating.attributes.otel_attributes import (
    OtelComponentTypeValues,

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #1bc2a666444a89e9 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/opentelemetry/exporter/prometheus/__init__.py:107
from opentelemetry.util.types import Attributes, AttributeValue

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

expand_more 2 low-confidence finding(s)
low env_fs dependency Excluded from app score #55ba55be8a907463 Environment-variable access.
pkgs/python/[email protected]/src/opentelemetry/exporter/prometheus/__init__.py:519
            port=int(environ.get(OTEL_EXPORTER_PROMETHEUS_PORT, "9464")),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #4025a8eaff5c2698 Environment-variable access.
pkgs/python/[email protected]/src/opentelemetry/exporter/prometheus/__init__.py:520
            addr=environ.get(OTEL_EXPORTER_PROMETHEUS_HOST, "localhost"),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

redis

python dependency
medium telemetry dependency Excluded from app score #d53e7141c052849a Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/redis/asyncio/observability/recorder.py:247
        from opentelemetry.metrics import Observation

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #4fc27f37a81f8f8e Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/redis/observability/metrics.py:37
    from opentelemetry.metrics import Meter

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #fc4077f9d3dfae48 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/redis/observability/providers.py:32
    from opentelemetry.sdk.metrics import MeterProvider

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #00f1aef86dada1e4 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/redis/observability/providers.py:76
            from opentelemetry import metrics

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #61f93a202e2f226f Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/redis/observability/providers.py:77
            from opentelemetry.metrics import NoOpMeterProvider

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #1cefe485bb2d9ecd Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/redis/observability/recorder.py:242
        from opentelemetry.metrics import Observation

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #66b9ee228c27d2d7 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/redis/observability/recorder.py:727
    from opentelemetry.metrics import Observation

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #714e588bca64a9fc Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/redis/observability/registry.py:8
        from opentelemetry.metrics import Observation

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

expand_more 2 low-confidence finding(s)
low env_fs dependency Excluded from app score #620e7739007d28b4 Filesystem access.
pkgs/python/[email protected]/redis/commands/json/__init__.py:303
            with open(fp) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #5ec7bd4721d81e19 Filesystem access.
pkgs/python/[email protected]/redis/commands/json/commands.py:650
        with open(file_name) as fp:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

pip

python dependency
medium telemetry dependency Excluded from app score #15d5fbc28ffceb6f Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/pip/_internal/operations/prepare.py:76
        with build_tracker.track(req, tracker_id):

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

medium telemetry dependency Excluded from app score #e0e847ed345e69ec Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/src/pip/_vendor/rich/progress.py:173
        yield from progress.track(
            sequence,
            total=total,
            completed=completed,
            description=description,
            update_period=update_period,
        )

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

expand_more 198 low-confidence finding(s)
low env_fs tooling Excluded from app score unreachable #ca932031593b8be5 Filesystem access.
pkgs/python/[email protected]/docs/html/conf.py:47
with open(file_with_version) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #4e3bf33befd12501 Filesystem access.
pkgs/python/[email protected]/docs/pip_sphinxext.py:80
            path.read_text(encoding="utf-8"),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #b7f07e5b5f69b5b5 Environment-variable access.
pkgs/python/[email protected]/src/pip/_internal/build_env.py:141
        pip_constraint = os.environ.get("PIP_CONSTRAINT")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #78a6cad5a07519e4 Filesystem access.
pkgs/python/[email protected]/src/pip/_internal/build_env.py:463
        with open(
            os.path.join(self._site_dir, "sitecustomize.py"), "w", encoding="utf-8"
        ) as fp:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #ccd4d566a3018001 Environment-variable access.
pkgs/python/[email protected]/src/pip/_internal/build_env.py:497
            name: os.environ.get(name, None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #486776cc1d7ae12c Environment-variable access.
pkgs/python/[email protected]/src/pip/_internal/build_env.py:508
        os.environ.update(

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #53ec905336222fec Environment-variable access.
pkgs/python/[email protected]/src/pip/_internal/build_env.py:524
                os.environ.pop(varname, None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #d5b117a2dc0f84e5 Environment-variable access.
pkgs/python/[email protected]/src/pip/_internal/build_env.py:526
                os.environ[varname] = old_value

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f01612d45e6a9f91 Filesystem access.
pkgs/python/[email protected]/src/pip/_internal/cache.py:198
                    origin_direct_url_path.read_text(encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #d3a41b1abc25b180 Filesystem access.
pkgs/python/[email protected]/src/pip/_internal/cache.py:271
                origin = DirectUrl.from_json(origin_path.read_text(encoding="utf-8"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #cb034d1cdebe24ac Filesystem access.
pkgs/python/[email protected]/src/pip/_internal/cache.py:291
        origin_path.write_text(download_info.to_json(), encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #583efc728616a547 Environment-variable access.
pkgs/python/[email protected]/src/pip/_internal/cli/autocompletion.py:20
    if "PIP_AUTO_COMPLETE" not in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #1629bd15ebba69cb Environment-variable access.
pkgs/python/[email protected]/src/pip/_internal/cli/autocompletion.py:24
    if not os.environ.get("COMP_WORDS") or not os.environ.get("COMP_CWORD"):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #eaf32c9952648183 Environment-variable access.
pkgs/python/[email protected]/src/pip/_internal/cli/autocompletion.py:26
    cwords = os.environ["COMP_WORDS"].split()[1:]

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #7064601ce28daace Environment-variable access.
pkgs/python/[email protected]/src/pip/_internal/cli/autocompletion.py:27
    cword = int(os.environ["COMP_CWORD"])

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #3cc19f5c31727990 Environment-variable access.
pkgs/python/[email protected]/src/pip/_internal/cli/base_command.py:212
        if options.python and "_PIP_RUNNING_IN_SUBPROCESS" not in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #e5666d43f76f984c Environment-variable access.
pkgs/python/[email protected]/src/pip/_internal/cli/base_command.py:223
            os.environ["PIP_NO_INPUT"] = "1"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #80e8f6ff5d741f1d Environment-variable access.
pkgs/python/[email protected]/src/pip/_internal/cli/base_command.py:226
            os.environ["PIP_EXISTS_ACTION"] = " ".join(options.exists_action)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #057ac29ea420a95e Environment-variable access.
pkgs/python/[email protected]/src/pip/_internal/cli/base_command.py:249
            and os.environ.get("PIP_CONSTRAINT", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #2bc0d4e894b225fc Environment-variable access.
pkgs/python/[email protected]/src/pip/_internal/cli/main_parser.py:84
    if general_options.python and "_PIP_RUNNING_IN_SUBPROCESS" not in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #df826e14428a9950 Environment-variable access.
pkgs/python/[email protected]/src/pip/_internal/cli/main_parser.py:100
        os.environ["_PIP_RUNNING_IN_SUBPROCESS"] = "1"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #ef21a07ea090d960 Environment-variable access.
pkgs/python/[email protected]/src/pip/_internal/cli/parser.py:352
            or bool(strtobool(os.environ.get("PIP_NO_COLOR", "no") or "no"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f6fd5f2762c78cd1 Environment-variable access.
pkgs/python/[email protected]/src/pip/_internal/cli/parser.py:353
            or "NO_COLOR" in os.environ

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #110dfc7af205bd5c Environment-variable access.
pkgs/python/[email protected]/src/pip/_internal/cli/req_command.py:71
    return os.environ.get("_PIP_IN_BUILD_IGNORE_CONSTRAINTS") == "1"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #396f76dc4c41a938 Environment-variable access.
pkgs/python/[email protected]/src/pip/_internal/commands/configuration.py:283
        elif "VISUAL" in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f9d6619fc55eb262 Environment-variable access.
pkgs/python/[email protected]/src/pip/_internal/commands/configuration.py:284
            return os.environ["VISUAL"]

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #2766d50f5ff8c230 Environment-variable access.
pkgs/python/[email protected]/src/pip/_internal/commands/configuration.py:285
        elif "EDITOR" in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #69ca4b93daf830ae Environment-variable access.
pkgs/python/[email protected]/src/pip/_internal/commands/configuration.py:286
            return os.environ["EDITOR"]

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #33df4dabb61a09d2 Environment-variable access.
pkgs/python/[email protected]/src/pip/_internal/commands/debug.py:187
        show_value("REQUESTS_CA_BUNDLE", os.environ.get("REQUESTS_CA_BUNDLE"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #793021738653cf8a Environment-variable access.
pkgs/python/[email protected]/src/pip/_internal/commands/debug.py:188
        show_value("CURL_CA_BUNDLE", os.environ.get("CURL_CA_BUNDLE"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #1f3d13fefaa3e825 Filesystem access.
pkgs/python/[email protected]/src/pip/_internal/commands/hash.py:54
    with open(path, "rb") as archive:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #d884d66b5480dc41 Filesystem access.
pkgs/python/[email protected]/src/pip/_internal/commands/install.py:488
                    with open(options.json_report_file, "w", encoding="utf-8") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #9fdf44e42ea68738 Filesystem access.
pkgs/python/[email protected]/src/pip/_internal/commands/list.py:337
            wheel_file = dist.read_text("WHEEL")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #9bcf3e4f0e68572c Filesystem access.
pkgs/python/[email protected]/src/pip/_internal/commands/lock.py:173
            output_file_path.write_text(pylock_toml, encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #dcd588d8370054b8 Filesystem access.
pkgs/python/[email protected]/src/pip/_internal/commands/show.py:131
            entry_points_text = dist.read_text("entry_points.txt")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #4fb0e8a61e5021a0 Filesystem access.
pkgs/python/[email protected]/src/pip/_internal/configuration.py:226
                with open(fname, "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #3f7e43fd60b0c16b Environment-variable access.
pkgs/python/[email protected]/src/pip/_internal/configuration.py:333
        for key, val in os.environ.items():

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #48a36dec2a829431 Environment-variable access.
pkgs/python/[email protected]/src/pip/_internal/configuration.py:351
        env_config_file = os.environ.get("PIP_CONFIG_FILE", None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #0bfa7982dcbc8fb5 Environment-variable access.
pkgs/python/[email protected]/src/pip/_internal/metadata/__init__.py:52
        return bool(strtobool(os.environ["_PIP_USE_IMPORTLIB_METADATA"]))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #cfeff2f26d348bab Filesystem access.
pkgs/python/[email protected]/src/pip/_internal/metadata/base.py:295
            content = self.read_text(DIRECT_URL_METADATA_NAME)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #e5820ca3318a048f Filesystem access.
pkgs/python/[email protected]/src/pip/_internal/metadata/base.py:316
            installer_text = self.read_text("INSTALLER")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #d22f53951bb07c1a Filesystem access.
pkgs/python/[email protected]/src/pip/_internal/metadata/base.py:463
            text = self.read_text("RECORD")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #465859699d1772ea Filesystem access.
pkgs/python/[email protected]/src/pip/_internal/metadata/base.py:471
            text = self.read_text("installed-files.txt")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #ba86a4a377b40426 Filesystem access.
pkgs/python/[email protected]/src/pip/_internal/metadata/base.py:518
            content = self.read_text("requires.txt")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #422c7e519f4419ca Filesystem access.
pkgs/python/[email protected]/src/pip/_internal/metadata/importlib/_dists.py:183
        return self._dist.read_text(str(path)) is not None

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #a4588f342ae00c3f Filesystem access.
pkgs/python/[email protected]/src/pip/_internal/metadata/importlib/_dists.py:195
        content = self._dist.read_text(str(path))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #386980f10c457acb Filesystem access.
pkgs/python/[email protected]/src/pip/_internal/metadata/pkg_resources.py:226
            metadata = self.read_text(metadata_name)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #1aba0e6d7934ab78 Environment-variable access.
pkgs/python/[email protected]/src/pip/_internal/network/auth.py:138
        env = os.environ.copy()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #b6dd56408b3d9c08 Environment-variable access.
pkgs/python/[email protected]/src/pip/_internal/network/auth.py:154
        env = os.environ.copy()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #590c140adec91c4f Environment-variable access.
pkgs/python/[email protected]/src/pip/_internal/network/auth.py:192
                path = os.environ.get("PATH", None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #05c806ce90fa5451 Filesystem access.
pkgs/python/[email protected]/src/pip/_internal/network/cache.py:77
            with open(metadata_path, "rb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #eef8af91ab0b4400 Filesystem access.
pkgs/python/[email protected]/src/pip/_internal/network/cache.py:119
            return open(body_path, "rb")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #47feb4afbf4c3f6c Filesystem access.
pkgs/python/[email protected]/src/pip/_internal/network/download.py:191
        with open(filepath, "wb") as content_file:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #4f41bcacd937d24d Filesystem access.
pkgs/python/[email protected]/src/pip/_internal/network/download.py:308
        with open(download.output_file.name, "rb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #25ff7cbd5c090153 Environment-variable access.
pkgs/python/[email protected]/src/pip/_internal/network/session.py:105
    return any(name in os.environ for name in CI_ENVIRONMENT_VARIABLES)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #5664c246b55ed1fe Environment-variable access.
pkgs/python/[email protected]/src/pip/_internal/network/session.py:200
    user_data = os.environ.get("PIP_USER_AGENT_USER_DATA")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #a94bb8a7d3aa55e7 Filesystem access.
pkgs/python/[email protected]/src/pip/_internal/network/session.py:246
            resp.raw = open(pathname, "rb")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #1282812b4726b18e Filesystem access.
pkgs/python/[email protected]/src/pip/_internal/operations/check.py:132
            wheel_file = p.read_text("WHEEL")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #5a019b85f7bcbe64 Filesystem access.
pkgs/python/[email protected]/src/pip/_internal/operations/freeze.py:62
            with open(req_file_path) as req_file:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #e11add9a11e95798 Filesystem access.
pkgs/python/[email protected]/src/pip/_internal/operations/install/wheel.py:93
    with open(path, "rb") as script:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #4057c5b8ac491c1f Filesystem access.
pkgs/python/[email protected]/src/pip/_internal/operations/install/wheel.py:100
    with open(path, "wb") as script:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #6d53f6e931198858 Environment-variable access.
pkgs/python/[email protected]/src/pip/_internal/operations/install/wheel.py:139
        for i in os.environ.get("PATH", "").split(os.pathsep)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #dc20c411c450d00b Environment-variable access.
pkgs/python/[email protected]/src/pip/_internal/operations/install/wheel.py:180
        i[0] == "~" for i in os.environ.get("PATH", "").split(os.pathsep) if i

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #73653843ce089c14 Environment-variable access.
pkgs/python/[email protected]/src/pip/_internal/operations/install/wheel.py:308
        if "ENSUREPIP_OPTIONS" not in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #a3bf6c52607f46ef Environment-variable access.
pkgs/python/[email protected]/src/pip/_internal/operations/install/wheel.py:311
        if os.environ.get("ENSUREPIP_OPTIONS", "") != "altinstall":

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f126f2142dfd9666 Environment-variable access.
pkgs/python/[email protected]/src/pip/_internal/operations/install/wheel.py:321
        if "ENSUREPIP_OPTIONS" not in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #36edff5d41e7b753 Filesystem access.
pkgs/python/[email protected]/src/pip/_internal/operations/install/wheel.py:368
        with open(self.dest_path, "wb") as dest:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #134832e1c0aadc7f Filesystem access.
pkgs/python/[email protected]/src/pip/_internal/operations/install/wheel.py:704
        with open(requested_path, "wb"):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #85075049403c1031 Filesystem access.
pkgs/python/[email protected]/src/pip/_internal/operations/install/wheel.py:708
    record_text = distribution.read_text("RECORD")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #987f41cc15a632f2 Filesystem access.
pkgs/python/[email protected]/src/pip/_internal/operations/prepare.py:410
        with open(metadata_file.path, "rb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #3c38c2fdfc21c856 Filesystem access.
pkgs/python/[email protected]/src/pip/_internal/pyproject.py:63
        with open(pyproject_toml, encoding="utf-8") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #29ef967805bb3257 Filesystem access.
pkgs/python/[email protected]/src/pip/_internal/req/constructors.py:191
    with open(filename, encoding="utf-8", errors="ignore") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #2d961e8f7a707d02 Filesystem access.
pkgs/python/[email protected]/src/pip/_internal/req/pep723.py:17
    with open(scriptfile, encoding="utf8") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #ec35be0372e002b3 Filesystem access.
pkgs/python/[email protected]/src/pip/_internal/req/req_dependency_group.py:79
        with open(path, "rb") as fp:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #9adb2b72cea31c21 Environment-variable access.
pkgs/python/[email protected]/src/pip/_internal/req/req_file.py:554
            value = os.getenv(var_name)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #0e96692d7dffd11b Filesystem access.
pkgs/python/[email protected]/src/pip/_internal/req/req_file.py:585
        with open(url, "rb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #a0b72848799ed0fe Filesystem access.
pkgs/python/[email protected]/src/pip/_internal/req/req_uninstall.py:488
                    namespace_packages = dist.read_text("namespace_packages.txt")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #2b817535b62813c9 Filesystem access.
pkgs/python/[email protected]/src/pip/_internal/req/req_uninstall.py:495
                    for p in dist.read_text("top_level.txt").splitlines()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #597b225f89a9dd30 Filesystem access.
pkgs/python/[email protected]/src/pip/_internal/req/req_uninstall.py:529
            with open(develop_egg_link) as fh:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #7567fb55d32125c3 Filesystem access.
pkgs/python/[email protected]/src/pip/_internal/req/req_uninstall.py:612
        with open(self.file, "rb") as fh:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #95f3a537d1e28fb0 Filesystem access.
pkgs/python/[email protected]/src/pip/_internal/req/req_uninstall.py:629
        with open(self.file, "wb") as fh:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f5e5c2838507cb34 Filesystem access.
pkgs/python/[email protected]/src/pip/_internal/req/req_uninstall.py:637
        with open(self.file, "wb") as fh:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #13056528ca532337 Environment-variable access.
pkgs/python/[email protected]/src/pip/_internal/resolution/resolvelib/resolver.py:87
        if "PIP_RESOLVER_DEBUG" in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #ebd831057b1abc1e Filesystem access.
pkgs/python/[email protected]/src/pip/_internal/self_outdated_check.py:64
                with open(self._statefile_path, encoding="utf-8") as statefile:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #cc109c4a8287dddb Environment-variable access.
pkgs/python/[email protected]/src/pip/_internal/utils/entrypoints.py:54
    path_parts = os.path.normcase(os.environ.get("PATH", "")).split(os.pathsep)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #e19fecc908b5185e Filesystem access.
pkgs/python/[email protected]/src/pip/_internal/utils/hashes.py:104
        with open(path, "rb") as file:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #6efe99acbb25c339 Environment-variable access.
pkgs/python/[email protected]/src/pip/_internal/utils/misc.py:205
    for action in os.environ.get("PIP_EXISTS_ACTION", "").split():

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #fc1f5e61fa3f9882 Environment-variable access.
pkgs/python/[email protected]/src/pip/_internal/utils/misc.py:213
    if os.environ.get("PIP_NO_INPUT"):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #9e9b6305064a458e Filesystem access.
pkgs/python/[email protected]/src/pip/_internal/utils/misc.py:620
    with open(path, "rb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #b409981c0f7eee1a Filesystem access.
pkgs/python/[email protected]/src/pip/_internal/utils/pylock.py:252
    return Path(path_or_url).read_text(encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #30c0659d84039601 Environment-variable access.
pkgs/python/[email protected]/src/pip/_internal/utils/subprocess.py:123
    env = os.environ.copy()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #050800f7131b64c3 Filesystem access.
pkgs/python/[email protected]/src/pip/_internal/utils/unpacking.py:119
    zipfp = open(filename, "rb")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #93585fd78b4787a0 Filesystem access.
pkgs/python/[email protected]/src/pip/_internal/utils/unpacking.py:145
                    with open(fn, "wb") as destfp:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #e39258126b28a596 Filesystem access.
pkgs/python/[email protected]/src/pip/_internal/utils/unpacking.py:324
            with open(path, "wb") as destfp:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #a48db2501940a706 Filesystem access.
pkgs/python/[email protected]/src/pip/_internal/utils/virtualenv.py:46
        with open(pyvenv_cfg_file, encoding="utf-8") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #5ba1244fcadc9714 Environment-variable access.
pkgs/python/[email protected]/src/pip/_internal/vcs/git.py:84
        if os.environ.get("PIP_NO_INPUT"):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #b7cc81863bac912c Filesystem access.
pkgs/python/[email protected]/src/pip/_internal/vcs/mercurial.py:78
            with open(repo_config, "w") as config_file:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #771b920ec08c88c4 Filesystem access.
pkgs/python/[email protected]/src/pip/_internal/vcs/subversion.py:137
            with open(entries_path) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #455ccc4569daf816 Filesystem access.
pkgs/python/[email protected]/src/pip/_vendor/cachecontrol/caches/file_cache.py:68
            with open(name, "rb") as fh:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #3d86317356afe0e9 Filesystem access.
pkgs/python/[email protected]/src/pip/_vendor/cachecontrol/caches/file_cache.py:126
            return open(name, "rb")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #703ff940fd3c2632 Filesystem access.
pkgs/python/[email protected]/src/pip/_vendor/certifi/core.py:47
        return files("pip._vendor.certifi").joinpath("cacert.pem").read_text(encoding="ascii")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #a8a81221de3a7991 Filesystem access.
pkgs/python/[email protected]/src/pip/_vendor/certifi/core.py:83
        return read_text("pip._vendor.certifi", "cacert.pem", encoding="ascii")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #a964f7de5fc16b07 Environment-variable access.
pkgs/python/[email protected]/src/pip/_vendor/distlib/compat.py:231
            path = os.environ.get("PATH", os.defpath)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #e02544ea6c5c3363 Environment-variable access.
pkgs/python/[email protected]/src/pip/_vendor/distlib/compat.py:242
            pathext = os.environ.get("PATHEXT", "").split(os.pathsep)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #d56dc504a396d1ee Filesystem access.
pkgs/python/[email protected]/src/pip/_vendor/distlib/resources.py:66
                with open(result, 'wb') as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #1bdbac2e3a011675 Filesystem access.
pkgs/python/[email protected]/src/pip/_vendor/distlib/resources.py:167
        return open(resource.path, 'rb')

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #ac387197209fb174 Filesystem access.
pkgs/python/[email protected]/src/pip/_vendor/distlib/resources.py:170
        with open(resource.path, 'rb') as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #3c0e50e8659e7bcf Filesystem access.
pkgs/python/[email protected]/src/pip/_vendor/distlib/scripts.py:129
                with open(executable) as fp:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #bedbe53d9f79f049 Environment-variable access.
pkgs/python/[email protected]/src/pip/_vendor/distlib/scripts.py:270
                source_date_epoch = os.environ.get('SOURCE_DATE_EPOCH')

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #18096864dc1aeacc Filesystem access.
pkgs/python/[email protected]/src/pip/_vendor/distlib/scripts.py:354
            f = open(script, 'rb')

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #9ceba670a3fde75e Filesystem access.
pkgs/python/[email protected]/src/pip/_vendor/distlib/util.py:544
                outstream = open(outfile, 'wb')

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #9b1c799655d5b685 Filesystem access.
pkgs/python/[email protected]/src/pip/_vendor/distlib/util.py:558
            with open(path, 'wb') as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #47753d9c2085a8ed Environment-variable access.
pkgs/python/[email protected]/src/pip/_vendor/distlib/util.py:768
    if os.name == 'nt' and 'LOCALAPPDATA' in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #bff7ae518ea9546e Filesystem access.
pkgs/python/[email protected]/src/pip/_vendor/distlib/util.py:1609
    return open(fn, mode, **kwargs)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #c46e8023f4a01337 Filesystem access.
pkgs/python/[email protected]/src/pip/_vendor/distlib/util.py:1867
        with open(fn, 'w') as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #69c69be7fbbcdb96 Environment-variable access.
pkgs/python/[email protected]/src/pip/_vendor/distlib/util.py:1918
    if "_PYTHON_HOST_PLATFORM" in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #9d9427661db8c309 Environment-variable access.
pkgs/python/[email protected]/src/pip/_vendor/distlib/util.py:1919
        return os.environ["_PYTHON_HOST_PLATFORM"]

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #69cad4e5ca69a1dd Environment-variable access.
pkgs/python/[email protected]/src/pip/_vendor/distlib/util.py:1981
    cross_compilation_target = os.environ.get('VSCMD_ARG_TGT_ARCH')

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #92ee251556dcb977 Environment-variable access.
pkgs/python/[email protected]/src/pip/_vendor/distro/distro.py:75
_UNIXCONFDIR = os.environ.get("UNIXCONFDIR", "/etc")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #e730de0dab092d6b Environment-variable access.
pkgs/python/[email protected]/src/pip/_vendor/distro/distro.py:76
_UNIXUSRLIBDIR = os.environ.get("UNIXUSRLIBDIR", "/usr/lib")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #83f85ab56aed1c8e Filesystem access.
pkgs/python/[email protected]/src/pip/_vendor/distro/distro.py:1099
            with open(self.os_release_file, encoding="utf-8") as release_file:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f9efccb4defc4052 Filesystem access.
pkgs/python/[email protected]/src/pip/_vendor/distro/distro.py:1221
            with open(
                os.path.join(self.etc_dir, "debian_version"), encoding="ascii"
            ) as fp:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #9e7e413a8f0e8e3f Filesystem access.
pkgs/python/[email protected]/src/pip/_vendor/distro/distro.py:1323
            with open(filepath, encoding="utf-8") as fp:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #65e421dbb22e0380 Environment-variable access.
pkgs/python/[email protected]/src/pip/_vendor/msgpack/__init__.py:11
if os.environ.get("MSGPACK_PUREPYTHON"):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #3f9e2285471b3997 Filesystem access.
pkgs/python/[email protected]/src/pip/_vendor/packaging/_manylinux.py:34
        with open(path, "rb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #5cfd2c8e8f2579d2 Filesystem access.
pkgs/python/[email protected]/src/pip/_vendor/packaging/_musllinux.py:46
        with open(executable, "rb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #9d980376130f5d26 Filesystem access.
pkgs/python/[email protected]/src/pip/_vendor/pkg_resources/__init__.py:440
            with open(plist, 'rb') as fh:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f8342412891a2713 Environment-variable access.
pkgs/python/[email protected]/src/pip/_vendor/pkg_resources/__init__.py:1450
        if os.name == 'nt' and not path.startswith(os.environ['windir']):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #bf00e54268feb00f Environment-variable access.
pkgs/python/[email protected]/src/pip/_vendor/pkg_resources/__init__.py:1532
    return os.environ.get('PYTHON_EGG_CACHE') or _user_cache_dir(appname='Python-Eggs')

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #8cd5c40c8bbff8af Filesystem access.
pkgs/python/[email protected]/src/pip/_vendor/pkg_resources/__init__.py:1883
        return open(self._fn(self.module_path, resource_name), 'rb')

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #abc48f909765759e Filesystem access.
pkgs/python/[email protected]/src/pip/_vendor/pkg_resources/__init__.py:1886
        with open(path, 'rb') as stream:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #040f03aeb39e86b2 Filesystem access.
pkgs/python/[email protected]/src/pip/_vendor/pkg_resources/__init__.py:2098
        with open(file_path, 'rb') as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #934b29fb093679f6 Filesystem access.
pkgs/python/[email protected]/src/pip/_vendor/pkg_resources/__init__.py:2173
        with open(self.path, encoding='utf-8', errors="replace") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #4ce32a6b4c5f00ac Filesystem access.
pkgs/python/[email protected]/src/pip/_vendor/pkg_resources/__init__.py:3580
        with open(file, "r", encoding="utf-8") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #05b1855c30cdba0a Filesystem access.
pkgs/python/[email protected]/src/pip/_vendor/pkg_resources/__init__.py:3601
        with open(file, "r", encoding=fallback_encoding) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #ba7189bb8eefb120 Environment-variable access.
pkgs/python/[email protected]/src/pip/_vendor/platformdirs/__init__.py:31
    if os.getenv("ANDROID_DATA") == "/data" and os.getenv("ANDROID_ROOT") == "/system":

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #103cd6a3fb63c57f Environment-variable access.
pkgs/python/[email protected]/src/pip/_vendor/platformdirs/__init__.py:32
        if os.getenv("SHELL") or os.getenv("PREFIX"):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #fccaf2f6496631aa Environment-variable access.
pkgs/python/[email protected]/src/pip/_vendor/platformdirs/unix.py:45
        path = os.environ.get("XDG_DATA_HOME", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #3a8ea0fb6adb67d6 Environment-variable access.
pkgs/python/[email protected]/src/pip/_vendor/platformdirs/unix.py:52
        path = os.environ.get("XDG_DATA_DIRS", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #ad2d5f19ec009946 Environment-variable access.
pkgs/python/[email protected]/src/pip/_vendor/platformdirs/unix.py:76
        path = os.environ.get("XDG_CONFIG_HOME", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #ecd71a6e94b960b1 Environment-variable access.
pkgs/python/[email protected]/src/pip/_vendor/platformdirs/unix.py:83
        path = os.environ.get("XDG_CONFIG_DIRS", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #d2cd9ec02410259c Environment-variable access.
pkgs/python/[email protected]/src/pip/_vendor/platformdirs/unix.py:107
        path = os.environ.get("XDG_CACHE_HOME", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #4768ea71ec713b54 Environment-variable access.
pkgs/python/[email protected]/src/pip/_vendor/platformdirs/unix.py:123
        path = os.environ.get("XDG_STATE_HOME", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #fc5b8cd14e1d3072 Environment-variable access.
pkgs/python/[email protected]/src/pip/_vendor/platformdirs/unix.py:177
        path = os.environ.get("XDG_RUNTIME_DIR", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #a70412a37c620709 Environment-variable access.
pkgs/python/[email protected]/src/pip/_vendor/platformdirs/unix.py:201
        path = os.environ.get("XDG_RUNTIME_DIR", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #dd77b6b83b1e19aa Environment-variable access.
pkgs/python/[email protected]/src/pip/_vendor/platformdirs/unix.py:238
        media_dir = os.environ.get(env_var, "").strip()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #ae194bc076c62d4a Environment-variable access.
pkgs/python/[email protected]/src/pip/_vendor/platformdirs/windows.py:157
    result = os.environ.get(env_var_name)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #653db10bb4e6586a Environment-variable access.
pkgs/python/[email protected]/src/pip/_vendor/platformdirs/windows.py:167
        return os.path.join(os.path.normpath(os.environ["USERPROFILE"]), "Documents")  # noqa: PTH118

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #cb632f3d93e2afd1 Environment-variable access.
pkgs/python/[email protected]/src/pip/_vendor/platformdirs/windows.py:170
        return os.path.join(os.path.normpath(os.environ["USERPROFILE"]), "Downloads")  # noqa: PTH118

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #3218b0168c9d4a40 Environment-variable access.
pkgs/python/[email protected]/src/pip/_vendor/platformdirs/windows.py:173
        return os.path.join(os.path.normpath(os.environ["USERPROFILE"]), "Pictures")  # noqa: PTH118

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #51b23abf7f3c2a31 Environment-variable access.
pkgs/python/[email protected]/src/pip/_vendor/platformdirs/windows.py:176
        return os.path.join(os.path.normpath(os.environ["USERPROFILE"]), "Videos")  # noqa: PTH118

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #de98e965d1dd956c Environment-variable access.
pkgs/python/[email protected]/src/pip/_vendor/platformdirs/windows.py:179
        return os.path.join(os.path.normpath(os.environ["USERPROFILE"]), "Music")  # noqa: PTH118

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #1fce11f55e173176 Filesystem access.
pkgs/python/[email protected]/src/pip/_vendor/pygments/formatters/__init__.py:102
        with open(filename, 'rb') as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #c13fde23a8215bfc Filesystem access.
pkgs/python/[email protected]/src/pip/_vendor/pygments/lexers/__init__.py:153
        with open(filename, 'rb') as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #e4aed3334825d519 Filesystem access.
pkgs/python/[email protected]/src/pip/_vendor/pygments/sphinxext.py:174
                content = p.read_text(encoding='utf-8')

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #b310cc704218c0d4 Filesystem access.
pkgs/python/[email protected]/src/pip/_vendor/pygments/unistring.py:115
    with open(__file__, encoding='utf-8') as fp:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #fe0ca3bc9db91eea Filesystem access.
pkgs/python/[email protected]/src/pip/_vendor/pygments/unistring.py:139
    with open(__file__, 'w', encoding='utf-8') as fp:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #c38862e9123f3ad7 Filesystem access.
pkgs/python/[email protected]/src/pip/_vendor/pyproject_hooks/_impl.py:29
    with open(path, "w", encoding="utf-8") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #26268c7db5bbe5a1 Filesystem access.
pkgs/python/[email protected]/src/pip/_vendor/pyproject_hooks/_impl.py:34
    with open(path, encoding="utf-8") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #27e9b6e9a61634c2 Environment-variable access.
pkgs/python/[email protected]/src/pip/_vendor/pyproject_hooks/_impl.py:79
    env = os.environ.copy()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #e4669259b86de541 Environment-variable access.
pkgs/python/[email protected]/src/pip/_vendor/pyproject_hooks/_impl.py:95
    env = os.environ.copy()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f1cc7f754506dd34 Filesystem access.
pkgs/python/[email protected]/src/pip/_vendor/pyproject_hooks/_in_process/_in_process.py:32
    with open(path, "w", encoding="utf-8") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #fd249e590e2399cc Filesystem access.
pkgs/python/[email protected]/src/pip/_vendor/pyproject_hooks/_in_process/_in_process.py:37
    with open(path, encoding="utf-8") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #8145d4263ac177f3 Environment-variable access.
pkgs/python/[email protected]/src/pip/_vendor/pyproject_hooks/_in_process/_in_process.py:60
    backend_path = os.environ.get("_PYPROJECT_HOOKS_BACKEND_PATH")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #923fa55f5f773208 Environment-variable access.
pkgs/python/[email protected]/src/pip/_vendor/pyproject_hooks/_in_process/_in_process.py:61
    ep = os.environ["_PYPROJECT_HOOKS_BUILD_BACKEND"]

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #deebc1efd45174e8 Filesystem access.
pkgs/python/[email protected]/src/pip/_vendor/pyproject_hooks/_in_process/_in_process.py:235
    with open(os.path.join(metadata_directory, WHEEL_BUILT_MARKER), "wb"):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #ab2dc401acc2e588 Environment-variable access.
pkgs/python/[email protected]/src/pip/_vendor/requests/sessions.py:771
                    os.environ.get("REQUESTS_CA_BUNDLE")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #8901fea6e98575b5 Environment-variable access.
pkgs/python/[email protected]/src/pip/_vendor/requests/sessions.py:772
                    or os.environ.get("CURL_CA_BUNDLE")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #3102340fa55995df Environment-variable access.
pkgs/python/[email protected]/src/pip/_vendor/requests/utils.py:209
    netrc_file = os.environ.get("NETRC")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #5f1c472ee8462c22 Environment-variable access.
pkgs/python/[email protected]/src/pip/_vendor/requests/utils.py:740
        old_value = os.environ.get(env_name)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #c605a130b4603773 Environment-variable access.
pkgs/python/[email protected]/src/pip/_vendor/requests/utils.py:741
        os.environ[env_name] = value

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #8df6a1cb24bf0b91 Environment-variable access.
pkgs/python/[email protected]/src/pip/_vendor/requests/utils.py:747
                del os.environ[env_name]

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #0d27c58bde68b4a0 Environment-variable access.
pkgs/python/[email protected]/src/pip/_vendor/requests/utils.py:749
                os.environ[env_name] = old_value

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #44f4f7fb9cf4e5a1 Environment-variable access.
pkgs/python/[email protected]/src/pip/_vendor/requests/utils.py:762
        return os.environ.get(key) or os.environ.get(key.upper())

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #6941df51db3ae790 Filesystem access.
pkgs/python/[email protected]/src/pip/_vendor/rich/_win32_console.py:441
        self.write_text(text)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #62bac548332d3e8e Filesystem access.
pkgs/python/[email protected]/src/pip/_vendor/rich/_win32_console.py:612
    term.write_text("went back and wrapped to prev line")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #befa0ee993f4bcf4 Filesystem access.
pkgs/python/[email protected]/src/pip/_vendor/rich/_win32_console.py:615
    term.write_text("we go up")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #31541bb6f563352e Filesystem access.
pkgs/python/[email protected]/src/pip/_vendor/rich/_win32_console.py:618
    term.write_text("and down")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #4a344b2c41cf7f80 Filesystem access.
pkgs/python/[email protected]/src/pip/_vendor/rich/_win32_console.py:623
    term.write_text("we went up and back 2")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #8c0663f30c258bfb Filesystem access.
pkgs/python/[email protected]/src/pip/_vendor/rich/_win32_console.py:628
    term.write_text("we went down and back 2")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #13f1fd6f425f613c Filesystem access.
pkgs/python/[email protected]/src/pip/_vendor/rich/_win32_console.py:636
    term.write_text("The red arrow shows the cursor location, and direction of erase")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #79f5f2b230ee8159 Filesystem access.
pkgs/python/[email protected]/src/pip/_vendor/rich/_win32_console.py:646
    term.write_text("The red arrow shows the cursor location, and direction of erase")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #175d0b6ecfc1809b Filesystem access.
pkgs/python/[email protected]/src/pip/_vendor/rich/_windows_renderer.py:19
                term.write_text(text)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #e4a23ed732450831 Filesystem access.
pkgs/python/[email protected]/src/pip/_vendor/rich/_windows_renderer.py:28
                    term.write_text("\r")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #5bee2b4c1d04b378 Environment-variable access.
pkgs/python/[email protected]/src/pip/_vendor/rich/console.py:521
        or os.getenv("DATABRICKS_RUNTIME_VERSION")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #37c992b4b3d6f751 Environment-variable access.
pkgs/python/[email protected]/src/pip/_vendor/rich/console.py:623
    _environ: Mapping[str, str] = os.environ

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #3e9c7e0780ec2614 Filesystem access.
pkgs/python/[email protected]/src/pip/_vendor/rich/console.py:2216
        with open(path, "w", encoding="utf-8") as write_file:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #39c46be7933e7a1c Filesystem access.
pkgs/python/[email protected]/src/pip/_vendor/rich/console.py:2322
        with open(path, "w", encoding="utf-8") as write_file:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #31c591640643c0bf Filesystem access.
pkgs/python/[email protected]/src/pip/_vendor/rich/console.py:2611
        with open(path, "w", encoding="utf-8") as write_file:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f1e4f32702e0dacb Environment-variable access.
pkgs/python/[email protected]/src/pip/_vendor/rich/diagnose.py:32
    env = {name: os.getenv(name) for name in env_names}

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #df5e2f7b86ad14ec Filesystem access.
pkgs/python/[email protected]/src/pip/_vendor/rich/json.py:134
            json_data = Path(args.path).read_text()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #1a1aec5042b594ed Filesystem access.
pkgs/python/[email protected]/src/pip/_vendor/rich/progress.py:1372
        handle = io.open(file, "rb", buffering=buffering)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #24355ea60d4c31d8 Filesystem access.
pkgs/python/[email protected]/src/pip/_vendor/rich/syntax.py:357
        code = Path(path).read_text(encoding=encoding)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #5b60dd771dc11517 Filesystem access.
pkgs/python/[email protected]/src/pip/_vendor/rich/theme.py:72
        with open(path, encoding=encoding) as config_file:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #cbb6564ceb598ad8 Filesystem access.
pkgs/python/[email protected]/src/pip/_vendor/urllib3/contrib/emscripten/fetch.py:204
        streaming_worker_code = (
            files(__package__)
            .joinpath("emscripten_fetch_worker.js")
            .read_text(encoding="utf-8")
        )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #741731b27cc15b7b Environment-variable access.
pkgs/python/[email protected]/src/pip/_vendor/urllib3/util/ssl_.py:367
    if "SSLKEYLOGFILE" in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #40080100c8eb57a7 Environment-variable access.
pkgs/python/[email protected]/src/pip/_vendor/urllib3/util/ssl_.py:368
        sslkeylogfile = os.path.expandvars(os.environ.get("SSLKEYLOGFILE"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #c6f37bd236962838 Filesystem access.
pkgs/python/[email protected]/src/pip/_vendor/urllib3/util/ssl_.py:502
    with open(key_file) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

elasticsearch

python dependency
medium telemetry dependency Excluded from app score #f0aca331e2ba4cb9 Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/elasticsearch/_otel.py:25
    from opentelemetry import trace

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

expand_more 4 low-confidence finding(s)
low env_fs dependency Excluded from app score #ab3320696ce5aa8e Environment-variable access.
pkgs/python/[email protected]/elasticsearch/_otel.py:51
            enabled = os.environ.get(ENABLED_ENV_VAR, "true") == "true"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #1a92778f45d92962 Environment-variable access.
pkgs/python/[email protected]/elasticsearch/_otel.py:58
            self.body_strategy = os.environ.get(

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #a7b04214d5f470a7 Environment-variable access.
pkgs/python/[email protected]/elasticsearch/_otel.py:58
            self.body_strategy = os.environ.get(
                BODY_STRATEGY_ENV_VAR, DEFAULT_BODY_STRATEGY
            )  # type: ignore[assignment]

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #e5fd4a5a55aab8aa Environment-variable access.
pkgs/python/[email protected]/elasticsearch/compat.py:45
    if os.environ.get(DISABLE_WARN_STACKLEVEL_ENV_VAR) in ["1", "true", "True"]:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

rich

python dependency
medium telemetry dependency Excluded from app score #dc9d12182f3df53f Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/rich/progress.py:173
        yield from progress.track(
            sequence,
            total=total,
            completed=completed,
            description=description,
            update_period=update_period,
        )

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

expand_more 22 low-confidence finding(s)
low env_fs dependency Excluded from app score #bf549e95614a1e48 Environment-variable access.
pkgs/python/[email protected]/rich/_unicode_data/__init__.py:67
        unicode_version = os.environ.get("UNICODE_VERSION", "latest")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #be620ac3a77fba9b Filesystem access.
pkgs/python/[email protected]/rich/_win32_console.py:441
        self.write_text(text)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #9024f2aa109b1a10 Filesystem access.
pkgs/python/[email protected]/rich/_win32_console.py:612
    term.write_text("went back and wrapped to prev line")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #588490768fc44998 Filesystem access.
pkgs/python/[email protected]/rich/_win32_console.py:615
    term.write_text("we go up")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #81b0e6d3c10b3341 Filesystem access.
pkgs/python/[email protected]/rich/_win32_console.py:618
    term.write_text("and down")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #43de38ebfb991dcd Filesystem access.
pkgs/python/[email protected]/rich/_win32_console.py:623
    term.write_text("we went up and back 2")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #0d11f0478440f54f Filesystem access.
pkgs/python/[email protected]/rich/_win32_console.py:628
    term.write_text("we went down and back 2")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #d54db231dea553a5 Filesystem access.
pkgs/python/[email protected]/rich/_win32_console.py:636
    term.write_text("The red arrow shows the cursor location, and direction of erase")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #339bd8d9a92d867e Filesystem access.
pkgs/python/[email protected]/rich/_win32_console.py:646
    term.write_text("The red arrow shows the cursor location, and direction of erase")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #270b824c811c7f16 Filesystem access.
pkgs/python/[email protected]/rich/_windows_renderer.py:19
                term.write_text(text)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #aea75913b86b04d9 Filesystem access.
pkgs/python/[email protected]/rich/_windows_renderer.py:28
                    term.write_text("\r")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #3a7e4878c11b26c0 Environment-variable access.
pkgs/python/[email protected]/rich/console.py:515
        or os.getenv("DATABRICKS_RUNTIME_VERSION")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #a413c16ee7f4dd69 Environment-variable access.
pkgs/python/[email protected]/rich/console.py:617
    _environ: Mapping[str, str] = os.environ

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #cf2028ef87679152 Filesystem access.
pkgs/python/[email protected]/rich/console.py:2241
        with open(path, "w", encoding="utf-8") as write_file:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #c9a01a1fac1feeb4 Filesystem access.
pkgs/python/[email protected]/rich/console.py:2349
        with open(path, "w", encoding="utf-8") as write_file:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #ce29ab7f3112952e Filesystem access.
pkgs/python/[email protected]/rich/console.py:2641
        with open(path, "w", encoding="utf-8") as write_file:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #e76e98d0f124acf2 Environment-variable access.
pkgs/python/[email protected]/rich/diagnose.py:32
    env = {name: os.getenv(name) for name in env_names}

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #313c6893c4333242 Filesystem access.
pkgs/python/[email protected]/rich/json.py:134
            json_data = Path(args.path).read_text()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #bd43ffaf4d55c26b Filesystem access.
pkgs/python/[email protected]/rich/markdown.py:777
        with open(args.path, encoding="utf-8") as markdown_file:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #55e28843e34a6598 Filesystem access.
pkgs/python/[email protected]/rich/progress.py:1373
        handle = io.open(file, "rb", buffering=buffering)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #67eb345461484cfe Filesystem access.
pkgs/python/[email protected]/rich/syntax.py:360
        code = Path(path).read_text(encoding=encoding)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #c092471aa22fbfd9 Filesystem access.
pkgs/python/[email protected]/rich/theme.py:73
        with open(path, encoding=encoding) as config_file:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

typer

python dependency
medium telemetry dependency Excluded from app score #45b0c999183a039d Telemetry/analytics SDK usage detected. Confirm user consent and that no PII is sent without a lawful basis.
pkgs/python/[email protected]/docs_src/progressbar/tutorial001_py310.py:12
    for value in track(range(100), description="Processing..."):

A telemetry/analytics SDK is used; event data is sent to a third-party collector.

Fix: Ensure user consent and a lawful basis; strip PII from event payloads.

expand_more 66 low-confidence finding(s)
low env_fs dependency Excluded from app score #1ebcd181d3819c00 Filesystem access.
pkgs/python/[email protected]/docs_src/launch/tutorial002_py310.py:17
        config_path.write_text('{"version": "1.0.0"}')

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #5e5e5badc671494e Filesystem access.
pkgs/python/[email protected]/docs_src/parameter_types/path/tutorial001_an_py310.py:15
        text = config.read_text()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #659a656edd1f1ce3 Filesystem access.
pkgs/python/[email protected]/docs_src/parameter_types/path/tutorial001_py310.py:14
        text = config.read_text()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #27ccbe8d192c7071 Filesystem access.
pkgs/python/[email protected]/docs_src/parameter_types/path/tutorial002_an_py310.py:23
    text = config.read_text()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #b52eb58e82f9a7d7 Filesystem access.
pkgs/python/[email protected]/docs_src/parameter_types/path/tutorial002_py310.py:20
    text = config.read_text()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #c88224876ead0286 Filesystem access.
pkgs/python/[email protected]/scripts/add_latest_release_date.py:12
    with open(RELEASE_NOTES_FILE) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #e99691b3e4b0e621 Filesystem access.
pkgs/python/[email protected]/scripts/add_latest_release_date.py:31
        with open(RELEASE_NOTES_FILE, "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #8d4dcac5d409d8f8 Environment-variable access.
pkgs/python/[email protected]/scripts/docs.py:24
    os.environ["DYLD_FALLBACK_LIBRARY_PATH"] = "/opt/homebrew/lib"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #b231c8cbb1b14784 Filesystem access.
pkgs/python/[email protected]/scripts/docs.py:29
    content = en_index.read_text("utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #e75e82b154536e52 Filesystem access.
pkgs/python/[email protected]/scripts/docs.py:53
    readme_path.write_text(new_content, encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #3a18072015ec4d87 Filesystem access.
pkgs/python/[email protected]/scripts/docs.py:64
    readme_content = readme_path.read_text("utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #12b2838a053d769b Environment-variable access.
pkgs/python/[email protected]/scripts/docs.py:88
    subprocess.run(args, env={**os.environ, "LINENUMS": "true"}, check=True)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #ad3bfbcecb171883 Filesystem access.
pkgs/python/[email protected]/scripts/docs.py:133
    base_content = file_path.read_text(encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #a49bdb1654cda42c Filesystem access.
pkgs/python/[email protected]/scripts/docs.py:181
        version_file.write_text(content_format, encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #f16825417d94a2e2 Filesystem access.
pkgs/python/[email protected]/scripts/docs.py:237
        content = md_file.read_text(encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #3dce8a35e2e6edec Filesystem access.
pkgs/python/[email protected]/scripts/docs.py:244
            md_file.write_text(new_content, encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #4b72d80790b1cac4 Filesystem access.
pkgs/python/[email protected]/scripts/docs.py:259
        all_docs_content += md_file.read_text(encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #c5c4ff21af0468b2 Filesystem access.
pkgs/python/[email protected]/scripts/prepare_release.py:139
    version_file_content = version_file.read_text()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #bc3d98e5ac4723af Filesystem access.
pkgs/python/[email protected]/scripts/prepare_release.py:140
    release_notes_content = release_notes_file.read_text()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #c1305ac8ff2338e2 Filesystem access.
pkgs/python/[email protected]/scripts/prepare_release.py:145
    version_file.write_text(
        update_version_file(version_file_content, version, version_file)
    )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #f1b6ec791e0d742a Filesystem access.
pkgs/python/[email protected]/scripts/prepare_release.py:148
    release_notes_file.write_text(
        update_release_notes(
            release_notes_content, version, parsed_release_date, release_notes_file
        )
    )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #1f977060c4dd3856 Filesystem access.
pkgs/python/[email protected]/scripts/prepare_release.py:171
    typer.echo(get_current_version(version_file.read_text(), version_file))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #13b839aabc9c5786 Filesystem access.
pkgs/python/[email protected]/scripts/prepare_release.py:199
    version = get_current_version(version_file.read_text(), version_file)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #7cb6f84ac9a835a4 Filesystem access.
pkgs/python/[email protected]/scripts/prepare_release.py:202
            release_notes_file.read_text(), version, release_notes_file

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #c0fb5d1759bff546 Filesystem access.
pkgs/python/[email protected]/typer/_click/_compat.py:319
        return open(file, mode)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #c86a5694daef7053 Filesystem access.
pkgs/python/[email protected]/typer/_click/_compat.py:321
    return open(file, mode, encoding=encoding, errors=errors)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #995a505782d7a192 Filesystem access.
pkgs/python/[email protected]/typer/_click/_termui_impl.py:363
        null = open("/dev/null", "w")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #51408a22bbbff4f8 Filesystem access.
pkgs/python/[email protected]/typer/_click/_termui_impl.py:493
            f = open("/dev/tty")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #2ccf9458c09159e0 Filesystem access.
pkgs/python/[email protected]/typer/_click/core.py:678
                formatter.write_text(text)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #1e81b9ab09afd8bf Filesystem access.
pkgs/python/[email protected]/typer/_click/core.py:691
                formatter.write_text(epilog)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #949e50a5a15a97b0 Environment-variable access.
pkgs/python/[email protected]/typer/_click/core.py:1022
            rv = os.environ.get(self.envvar)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #d6494955e2d0c457 Environment-variable access.
pkgs/python/[email protected]/typer/_click/core.py:1028
                rv = os.environ.get(envvar)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #ad3946731598747a Filesystem access.
pkgs/python/[email protected]/typer/_click/utils.py:134
                open(filename, mode).close()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #4c25c5466d17058a Environment-variable access.
pkgs/python/[email protected]/typer/_click/utils.py:355
        folder = os.environ.get(key)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #d4840bb3f7015e96 Environment-variable access.
pkgs/python/[email protected]/typer/_click/utils.py:366
        os.environ.get("XDG_CONFIG_HOME", os.path.expanduser("~/.config")),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #41499939257d7c43 Environment-variable access.
pkgs/python/[email protected]/typer/_completion_classes.py:40
        cwords = click_split_arg_string(os.environ["COMP_WORDS"])

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #bc21fd527e6ad6fb Environment-variable access.
pkgs/python/[email protected]/typer/_completion_classes.py:41
        cword = int(os.environ["COMP_CWORD"])

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #397a61364dc7cb12 Environment-variable access.
pkgs/python/[email protected]/typer/_completion_classes.py:110
        completion_args = os.getenv("_TYPER_COMPLETE_ARGS", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f1b1fd3ced214df6 Environment-variable access.
pkgs/python/[email protected]/typer/_completion_classes.py:161
        completion_args = os.getenv("_TYPER_COMPLETE_ARGS", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #9078e7b449dddb89 Environment-variable access.
pkgs/python/[email protected]/typer/_completion_classes.py:185
        complete_action = os.getenv("_TYPER_COMPLETE_FISH_ACTION", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #caddae61233e8666 Environment-variable access.
pkgs/python/[email protected]/typer/_completion_classes.py:214
        completion_args = os.getenv("_TYPER_COMPLETE_ARGS", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #951a811b8fcad6ce Environment-variable access.
pkgs/python/[email protected]/typer/_completion_classes.py:215
        incomplete = os.getenv("_TYPER_COMPLETE_WORD_TO_COMPLETE", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #5c5ebae0dab63ac5 Filesystem access.
pkgs/python/[email protected]/typer/_completion_shared.py:105
        rc_content = rc_path.read_text()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f5c80f2012aa5090 Filesystem access.
pkgs/python/[email protected]/typer/_completion_shared.py:111
    rc_path.write_text(rc_content)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #8144388445539a26 Filesystem access.
pkgs/python/[email protected]/typer/_completion_shared.py:117
    completion_path.write_text(script_content)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #1600a2f72bf57c13 Filesystem access.
pkgs/python/[email protected]/typer/_completion_shared.py:127
        zshrc_content = zshrc_path.read_text()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #73d1f915ed3e1e53 Filesystem access.
pkgs/python/[email protected]/typer/_completion_shared.py:138
    zshrc_path.write_text(zshrc_content)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #91a7d1e817376714 Filesystem access.
pkgs/python/[email protected]/typer/_completion_shared.py:145
    path_obj.write_text(script_content)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #e866dfe32deae404 Filesystem access.
pkgs/python/[email protected]/typer/_completion_shared.py:156
    path_obj.write_text(f"{script_content}\n")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #9bd6fa48089a3e35 Environment-variable access.
pkgs/python/[email protected]/typer/_completion_shared.py:212
    test_disable_detection = os.getenv("_TYPER_COMPLETE_TEST_DISABLE_SHELL_DETECTION")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #174bead618915a1f Filesystem access.
pkgs/python/[email protected]/typer/cli.py:310
        output.write_text(clean_docs)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #e65c4a309a825705 Environment-variable access.
pkgs/python/[email protected]/typer/completion.py:19
    test_disable_detection = os.getenv("_TYPER_COMPLETE_TEST_DISABLE_SHELL_DETECTION")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #1becd720e5da9e1f Environment-variable access.
pkgs/python/[email protected]/typer/completion.py:49
    test_disable_detection = os.getenv("_TYPER_COMPLETE_TEST_DISABLE_SHELL_DETECTION")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #b174a18f592f2102 Environment-variable access.
pkgs/python/[email protected]/typer/core.py:26
HAS_RICH = parse_boolean_env_var(os.getenv("TYPER_USE_RICH"), default=True)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #823e3c317d000c1f Environment-variable access.
pkgs/python/[email protected]/typer/core.py:694
            rv = os.environ.get(envvar)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #251ee07121a23c02 Environment-variable access.
pkgs/python/[email protected]/typer/core.py:888
    instruction = os.environ.get(complete_var)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #9e9876ddec132e9d Environment-variable access.
pkgs/python/[email protected]/typer/main.py:67
    standard_traceback = os.getenv(
        "TYPER_STANDARD_TRACEBACK", os.getenv("_TYPER_STANDARD_TRACEBACK")
    )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #9b9837e1b78c5d4e Environment-variable access.
pkgs/python/[email protected]/typer/main.py:68
        "TYPER_STANDARD_TRACEBACK", os.getenv("_TYPER_STANDARD_TRACEBACK")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #7750b4302cf4b757 Environment-variable access.
pkgs/python/[email protected]/typer/rich_utils.py:72
_TERMINAL_WIDTH = getenv("TERMINAL_WIDTH")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #6fd0b33f916f2966 Environment-variable access.
pkgs/python/[email protected]/typer/rich_utils.py:77
_TYPER_FORCE_DISABLE_TERMINAL = getenv("_TYPER_FORCE_DISABLE_TERMINAL")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #56e082491b30284e Environment-variable access.
pkgs/python/[email protected]/typer/rich_utils.py:80
    if getenv("GITHUB_ACTIONS") or getenv("FORCE_COLOR") or getenv("PY_COLORS")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #875659965d85ca67 Environment-variable access.
pkgs/python/[email protected]/typer/testing.py:247
                old_env[key] = os.environ.get(key)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #71d2da872a2eb1bd Environment-variable access.
pkgs/python/[email protected]/typer/testing.py:250
                        del os.environ[key]

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f794564fd572f77a Environment-variable access.
pkgs/python/[email protected]/typer/testing.py:254
                    os.environ[key] = value

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #e8a074c830a54d0b Environment-variable access.
pkgs/python/[email protected]/typer/testing.py:260
                        del os.environ[key]

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #7768563039a06f85 Environment-variable access.
pkgs/python/[email protected]/typer/testing.py:264
                    os.environ[key] = value

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

OpenDsStar

python dependency
expand_more 31 low-confidence finding(s)
low env_fs dependency Excluded from app score #e993d6105337fedb Environment-variable access.
pkgs/python/[email protected]/src/OpenDsStar/agents/codeact_smolagents/codeact_agent_smolagents.py:530
                    os.environ["OLLAMA_API_BASE"] = base_url

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #6f732117e9426d02 Environment-variable access.
pkgs/python/[email protected]/src/OpenDsStar/agents/codeact_smolagents/codeact_agent_smolagents.py:538
                os.environ["WATSONX_API_KEY"] = (

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #4462bda5cd639cf6 Environment-variable access.
pkgs/python/[email protected]/src/OpenDsStar/agents/codeact_smolagents/codeact_agent_smolagents.py:542
                os.environ["WATSONX_URL"] = self._get_secret_value(model.url) or ""

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #62c358bf0ef75e24 Environment-variable access.
pkgs/python/[email protected]/src/OpenDsStar/agents/codeact_smolagents/codeact_agent_smolagents.py:544
                os.environ["WATSONX_PROJECT_ID"] = (

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #792e5aba21507b9b Environment-variable access.
pkgs/python/[email protected]/src/OpenDsStar/agents/codeact_smolagents/codeact_agent_smolagents.py:548
                f"Set WatsonX environment variables (project_id: {os.environ.get('WATSONX_PROJECT_ID', 'not set')})"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #d83e5ec7762e88d6 Environment-variable access.
pkgs/python/[email protected]/src/OpenDsStar/agents/codeact_smolagents/codeact_agent_smolagents.py:559
                    os.environ["OPENAI_API_KEY"] = api_key

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #b47a06667aed39a2 Environment-variable access.
pkgs/python/[email protected]/src/OpenDsStar/agents/codeact_smolagents/codeact_agent_smolagents.py:566
                    os.environ["OPENAI_API_BASE"] = base_url

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #70e1c64f766015ae Environment-variable access.
pkgs/python/[email protected]/src/OpenDsStar/agents/codeact_smolagents/codeact_agent_smolagents.py:577
                    os.environ["ANTHROPIC_API_KEY"] = api_key

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f3f47f01e10c7438 Environment-variable access.
pkgs/python/[email protected]/src/OpenDsStar/agents/codeact_smolagents/codeact_agent_smolagents.py:592
                        os.environ["LITELLM_API_KEY"] = value

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #47b32831d3af4531 Environment-variable access.
pkgs/python/[email protected]/src/OpenDsStar/agents/codeact_smolagents/codeact_agent_smolagents.py:601
                        os.environ["LITELLM_API_BASE"] = value

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #69488bd9e2a252e9 Environment-variable access.
pkgs/python/[email protected]/src/OpenDsStar/agents/utils/providers/custom_api_provider.py:81
        self._prefix = prefix or os.getenv("CUSTOM_API_PREFIX", "custom")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #9e87d609c1add5c1 Environment-variable access.
pkgs/python/[email protected]/src/OpenDsStar/agents/utils/providers/custom_api_provider.py:82
        self._api_base = api_base or os.getenv("CUSTOM_API_BASE")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #ba0309f0e86d79ad Environment-variable access.
pkgs/python/[email protected]/src/OpenDsStar/agents/utils/providers/custom_api_provider.py:83
        self._api_key = api_key or os.getenv("CUSTOM_API_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #7eef05f3acdf0453 Environment-variable access.
pkgs/python/[email protected]/src/OpenDsStar/agents/utils/providers/custom_api_provider.py:84
        self._custom_llm_provider = custom_llm_provider or os.getenv(
            "CUSTOM_API_PROVIDER", "openai"
        )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #5bf9522f960e2809 Environment-variable access.
pkgs/python/[email protected]/src/OpenDsStar/agents/utils/providers/custom_api_provider.py:87
        self._name = name or os.getenv("CUSTOM_API_NAME", "CustomAPI")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #c09d7a70a238a7ea Environment-variable access.
pkgs/python/[email protected]/src/OpenDsStar/core/milvus_uri.py:15
    env_uri = os.environ.get("OPENDSSTAR_MILVUS_URI", "").strip()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #b3cfb84a38b40400 Filesystem access.
pkgs/python/[email protected]/src/OpenDsStar/experiments/benchmarks/databench/data_reader.py:147
                    return open(file_path, "rb")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #982c43fcf83c1f45 Filesystem access.
pkgs/python/[email protected]/src/OpenDsStar/experiments/demo/create_mcp_tools.py:97
                return open(path, "rb")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #6875cab22562f64c Filesystem access.
pkgs/python/[email protected]/src/OpenDsStar/experiments/demo/create_mcp_tools.py:269
        with open(csv_path, "r", encoding="utf-8") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #2c0495ee233fa9ca Filesystem access.
pkgs/python/[email protected]/src/OpenDsStar/experiments/demo/create_mcp_tools.py:337
        target_path.write_text(df_csv, encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #e330e9c415e6278d Filesystem access.
pkgs/python/[email protected]/src/OpenDsStar/experiments/pipeline.py:683
        with open(output_file, "w", encoding="utf-8") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #529f9e61543a3270 Filesystem access.
pkgs/python/[email protected]/src/OpenDsStar/experiments/utils/recreatable.py:123
        with open(path, "w", encoding="utf-8") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #ce6ac7bd719329b6 Filesystem access.
pkgs/python/[email protected]/src/OpenDsStar/experiments/utils/recreatable.py:147
        with open(path, "r", encoding="utf-8") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #370ce47c1eef9298 Filesystem access.
pkgs/python/[email protected]/src/OpenDsStar/experiments/utils/recreatable.py:185
        with open(path, "r", encoding="utf-8") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #c7013970f41bd3a8 Filesystem access.
pkgs/python/[email protected]/src/OpenDsStar/experiments/utils/run_experiment_by_params_file.py:45
    with open(params_path) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #4e51db1ebbf2e5e8 Filesystem access.
pkgs/python/[email protected]/src/OpenDsStar/experiments/utils/run_experiment_by_params_file.py:114
        with open(params_path, "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #86ac1bc405a8dc0a Environment-variable access.
pkgs/python/[email protected]/src/OpenDsStar/ingestion/docling_based_ingestion/docling_description_builder.py:167
        custom_prefix = os.getenv("CUSTOM_API_PREFIX", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #b17754092ade3a5c Filesystem access.
pkgs/python/[email protected]/src/OpenDsStar/ingestion/docling_based_ingestion/docling_description_builder.py:193
        with open(path, "rb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #c0e4184d81eecc43 Filesystem access.
pkgs/python/[email protected]/src/OpenDsStar/tools/vector_store_tool.py:205
            stored_hash = hash_marker_path.read_text().strip()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #a76f2ff58c51b1d3 Filesystem access.
pkgs/python/[email protected]/src/OpenDsStar/tools/vector_store_tool.py:220
        hash_marker_path.write_text(corpus_hash)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #55a9c06f26e0e502 Filesystem access.
pkgs/python/[email protected]/src/OpenDsStar/ui/agentic_results_viewer/agentic_viewer_utils.py:18
        with open(file_path, "r", encoding="utf-8") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

PyJWT

python dependency
expand_more 4 low-confidence finding(s)
low env_fs tooling Excluded from app score unreachable #642e7494d58ef58f Filesystem access.
pkgs/python/[email protected]/docs/conf.py:11
    with open(os.path.join(here, *parts), encoding="utf-8") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #9a05b259134d54d3 Environment-variable access.
pkgs/python/[email protected]/docs/conf.py:97
os.environ["SPHINX_BUILD"] = "1"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #ac8c605c193f2b24 Environment-variable access.
pkgs/python/[email protected]/jwt/algorithms.py:102
    if TYPE_CHECKING or bool(os.getenv("SPHINX_BUILD", "")):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #4ea64366a3e4c5f1 Environment-variable access.
pkgs/python/[email protected]/jwt/api_jwt.py:25
if TYPE_CHECKING or bool(os.getenv("SPHINX_BUILD", "")):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

aiofile

python dependency
expand_more 5 low-confidence finding(s)
low env_fs dependency Excluded from app score #67dfb2a835029b5e Filesystem access.
pkgs/python/[email protected]/aiofile/aio.py:231
        data = await self.read_bytes(size, offset)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #d8c41eeadb547b11 Filesystem access.
pkgs/python/[email protected]/aiofile/utils.py:26
        chunk_bytes = await afp.read_bytes(-1, offset)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #bbc3e58f95eff3b2 Filesystem access.
pkgs/python/[email protected]/aiofile/utils.py:31
        chunk_bytes = await afp.read_bytes(chunk_size + retry, offset)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #ffeb5a9209aa91b0 Filesystem access.
pkgs/python/[email protected]/aiofile/utils.py:65
                chunk = await self.file.read_bytes(
                    self._chunk_size, self.__offset,
                )   # type: Union[str, bytes]

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #e46c13ac1d49e60a Filesystem access.
pkgs/python/[email protected]/aiofile/utils.py:227
        data = await self.file.read_bytes(length, self._offset)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

alembic

python dependency
expand_more 30 low-confidence finding(s)
low env_fs dependency Excluded from app score #b23138c68dcb4db6 Filesystem access.
pkgs/python/[email protected]/alembic/command.py:141
                with open(toml_path, "rb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #5d32012cced7553d Filesystem access.
pkgs/python/[email protected]/alembic/command.py:174
                with open(path, "w"):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #cc1498cc47afcde1 Filesystem access.
pkgs/python/[email protected]/alembic/config.py:277
            with open(self._toml_file_path, "rb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #bddb33be1e7bfd40 Environment-variable access.
pkgs/python/[email protected]/alembic/config.py:985
        alembic_config_env = os.environ.get("ALEMBIC_CONFIG")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #b87898bd6578bf2d Filesystem access.
pkgs/python/[email protected]/alembic/templates/multidb/env.py:70
        with open(file_, "w") as buffer:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #963eea833ac6bd49 Filesystem access.
pkgs/python/[email protected]/alembic/testing/env.py:93
    with open(path, "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #2769d8f5d75dd7c8 Filesystem access.
pkgs/python/[email protected]/alembic/testing/env.py:113
    with open(path, "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #ab4745dc8ab473d9 Filesystem access.
pkgs/python/[email protected]/alembic/testing/env.py:300
    with open(cfg.toml_file_name, "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #0225f379557be37c Filesystem access.
pkgs/python/[email protected]/alembic/testing/env.py:307
    with open(cfg.config_file_name, "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #5c2dc41635c844fb Filesystem access.
pkgs/python/[email protected]/alembic/testing/env.py:332
    with open(path, "wb") as fp:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f0f2d31bc6018156 Environment-variable access.
pkgs/python/[email protected]/alembic/testing/fixtures.py:70
        os.environ.pop("ALEMBIC_CONFIG", None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #9871a09f591b1bb5 Environment-variable access.
pkgs/python/[email protected]/alembic/util/editor.py:33
    env = os.environ if environ is None else environ

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #bdb8961bd918db8d Filesystem access.
pkgs/python/[email protected]/alembic/util/pyfiles.py:48
        with open(dest, "ab" if append_with_newlines else "wb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #9829fb1379edae48 Environment-variable access.
pkgs/python/[email protected]/noxfile.py:21
SQLA_REPO = os.environ.get(

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #b595c26e09fa6217 Environment-variable access.
pkgs/python/[email protected]/noxfile.py:21
SQLA_REPO = os.environ.get(
    "SQLA_REPO", "git+https://github.com/sqlalchemy/sqlalchemy.git"
)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #d7f06dc502fe75c1 Environment-variable access.
pkgs/python/[email protected]/noxfile.py:134
    cmd.extend(os.environ.get("TOX_WORKERS", "-n4").split())

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #df2bdc1725935e94 Environment-variable access.
pkgs/python/[email protected]/noxfile.py:141
            cmd.extend(os.environ.get("TOX_SQLITE", "--db=sqlite").split())

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #6951c21af11416a1 Environment-variable access.
pkgs/python/[email protected]/noxfile.py:147
                os.environ.get("TOX_POSTGRESQL", "--db=postgresql").split()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #c7aa77c16c5607fe Environment-variable access.
pkgs/python/[email protected]/noxfile.py:153
            cmd.extend(os.environ.get("TOX_MYSQL", "--db=mysql").split())

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #c305c49d2eae1d77 Environment-variable access.
pkgs/python/[email protected]/noxfile.py:160
            if "ORACLE_HOME" in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #d36437154f53b518 Environment-variable access.
pkgs/python/[email protected]/noxfile.py:161
                session.env["ORACLE_HOME"] = os.environ.get("ORACLE_HOME")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #d6f45952a103655e Environment-variable access.
pkgs/python/[email protected]/noxfile.py:162
            if "NLS_LANG" in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #abc7d341d3dadec4 Environment-variable access.
pkgs/python/[email protected]/noxfile.py:163
                session.env["NLS_LANG"] = os.environ.get("NLS_LANG")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #3c0003342409ecab Environment-variable access.
pkgs/python/[email protected]/noxfile.py:164
            cmd.extend(os.environ.get("TOX_ORACLE", "--db=oracle").split())

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #0af2bf8b405fb404 Environment-variable access.
pkgs/python/[email protected]/noxfile.py:170
            cmd.extend(os.environ.get("TOX_MSSQL", "--db=mssql").split())

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #0e9e03d51dd48ec7 Environment-variable access.
pkgs/python/[email protected]/noxfile.py:247
    cmd.extend(os.environ.get("TOX_WORKERS", "-n4").split())

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #c05cc5e091fc23a8 Filesystem access.
pkgs/python/[email protected]/tools/write_pyi.py:85
    with open(destination_path, "w") as buf:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #9080340b69bd07df Filesystem access.
pkgs/python/[email protected]/tools/write_pyi.py:305
            sys.stdout.write(f_path.read_text())

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #96d0268275bc5a2f Filesystem access.
pkgs/python/[email protected]/tools/write_pyi.py:352
        with open(self.path) as read_file:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #dca203d40d2db581 Filesystem access.
pkgs/python/[email protected]/tools/write_pyi.py:392
        with open(self.path) as read_file:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

asyncer

python dependency
expand_more 19 low-confidence finding(s)
low env_fs tooling Excluded from app score unreachable #78699bbfec64a9ff Filesystem access.
pkgs/python/[email protected]/scripts/add_latest_release_date.py:12
    with open(RELEASE_NOTES_FILE) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #5f263279d3d91dd5 Filesystem access.
pkgs/python/[email protected]/scripts/add_latest_release_date.py:31
        with open(RELEASE_NOTES_FILE, "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #468927bc9184b8f7 Environment-variable access.
pkgs/python/[email protected]/scripts/docs.py:24
    os.environ["DYLD_FALLBACK_LIBRARY_PATH"] = "/opt/homebrew/lib"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #2adc12348856664b Filesystem access.
pkgs/python/[email protected]/scripts/docs.py:29
    content = en_index.read_text("utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #aa9a7629266e7678 Filesystem access.
pkgs/python/[email protected]/scripts/docs.py:53
    readme_path.write_text(new_content, encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #a802ae485904b8f9 Filesystem access.
pkgs/python/[email protected]/scripts/docs.py:64
    readme_content = readme_path.read_text("utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #48eda7302d83b3b7 Environment-variable access.
pkgs/python/[email protected]/scripts/docs.py:88
    subprocess.run(args, env={**os.environ, "LINENUMS": "true"}, check=True)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #1a0965cbfd8bf631 Filesystem access.
pkgs/python/[email protected]/scripts/docs.py:133
    base_content = file_path.read_text(encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #9cd6cee2b34c9218 Filesystem access.
pkgs/python/[email protected]/scripts/docs.py:181
        version_file.write_text(content_format, encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #73d989c91e51b462 Filesystem access.
pkgs/python/[email protected]/scripts/docs.py:237
        content = md_file.read_text(encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #bce50669052dd74f Filesystem access.
pkgs/python/[email protected]/scripts/docs.py:244
            md_file.write_text(new_content, encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #4b1ac9955eac0e52 Filesystem access.
pkgs/python/[email protected]/scripts/docs.py:259
        all_docs_content += md_file.read_text(encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #2bf7f4fd3c6ba05c Filesystem access.
pkgs/python/[email protected]/scripts/prepare_release.py:139
    version_file_content = version_file.read_text()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #a57d24ef689b941d Filesystem access.
pkgs/python/[email protected]/scripts/prepare_release.py:140
    release_notes_content = release_notes_file.read_text()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #a01eea19a5dbb3b2 Filesystem access.
pkgs/python/[email protected]/scripts/prepare_release.py:145
    version_file.write_text(
        update_version_file(version_file_content, version, version_file)
    )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #ff2198b86a86d255 Filesystem access.
pkgs/python/[email protected]/scripts/prepare_release.py:148
    release_notes_file.write_text(
        update_release_notes(
            release_notes_content, version, parsed_release_date, release_notes_file
        )
    )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #6ef6fa096213ac35 Filesystem access.
pkgs/python/[email protected]/scripts/prepare_release.py:171
    typer.echo(get_current_version(version_file.read_text(), version_file))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #a2bdc6ba5c2411de Filesystem access.
pkgs/python/[email protected]/scripts/prepare_release.py:199
    version = get_current_version(version_file.read_text(), version_file)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #494b6ca089512c52 Filesystem access.
pkgs/python/[email protected]/scripts/prepare_release.py:202
            release_notes_file.read_text(), version, release_notes_file

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

boto3

python dependency
expand_more 4 low-confidence finding(s)
low env_fs tooling reachable #7e48f63dc49fa157 Filesystem access.
pkgs/python/[email protected]/boto3/docs/__init__.py:50
        with open(service_doc_path, 'wb') as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling reachable #18779d7099d13ab1 Filesystem access.
pkgs/python/[email protected]/boto3/docs/service.py:200
            with open(examples_file) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #c622c0089c97ef4b Filesystem access.
pkgs/python/[email protected]/setup.py:24
    init = open(os.path.join(ROOT, 'boto3', '__init__.py')).read()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #192b38c35ab05d11 Filesystem access.
pkgs/python/[email protected]/setup.py:32
    long_description=open('README.rst').read(),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

cachetools

python dependency
expand_more 1 low-confidence finding(s)
low env_fs tooling Excluded from app score unreachable #2765824f7142d618 Filesystem access.
pkgs/python/[email protected]/docs/conf.py:12
    text = (src_directory / "cachetools/__init__.py").read_text()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

cassio

python dependency
expand_more 16 low-confidence finding(s)
low env_fs dependency Excluded from app score #4c99eb7ef29d7f2b Environment-variable access.
pkgs/python/[email protected]/src/cassio/config/__init__.py:78
        if "CASSANDRA_CONTACT_POINTS" in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #3bb6b1fa1a39d9e7 Environment-variable access.
pkgs/python/[email protected]/src/cassio/config/__init__.py:79
            contact_points = os.environ["CASSANDRA_CONTACT_POINTS"]

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #c788299707fd16f3 Environment-variable access.
pkgs/python/[email protected]/src/cassio/config/__init__.py:80
            username = os.environ.get("CASSANDRA_USERNAME")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #c873888c9958a874 Environment-variable access.
pkgs/python/[email protected]/src/cassio/config/__init__.py:81
            password = os.environ.get("CASSANDRA_PASSWORD")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #c239f22c49ca3a4b Environment-variable access.
pkgs/python/[email protected]/src/cassio/config/__init__.py:82
            keyspace = os.environ.get("CASSANDRA_KEYSPACE")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #b0ff1331794d5969 Environment-variable access.
pkgs/python/[email protected]/src/cassio/config/__init__.py:84
            avar in os.environ

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #2ab1060e4c5514c6 Environment-variable access.
pkgs/python/[email protected]/src/cassio/config/__init__.py:90
            token = os.environ.get("ASTRA_DB_APPLICATION_TOKEN")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #11057d8fa7cae435 Environment-variable access.
pkgs/python/[email protected]/src/cassio/config/__init__.py:91
            init_string = os.environ.get("ASTRA_DB_INIT_STRING")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #de9cc149c17d1b85 Environment-variable access.
pkgs/python/[email protected]/src/cassio/config/__init__.py:92
            secure_connect_bundle = os.environ.get("ASTRA_DB_SECURE_BUNDLE_PATH")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #67dedd9d4a98fe13 Environment-variable access.
pkgs/python/[email protected]/src/cassio/config/__init__.py:93
            keyspace = os.environ.get("ASTRA_DB_KEYSPACE")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f52d8afcc386bf03 Environment-variable access.
pkgs/python/[email protected]/src/cassio/config/__init__.py:94
            database_id = os.environ.get(

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #91599ceb3f2f0147 Environment-variable access.
pkgs/python/[email protected]/src/cassio/config/__init__.py:94
            database_id = os.environ.get(
                "ASTRA_DB_ID", os.environ.get("ASTRA_DB_DATABASE_ID")
            )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #a186639019d3fcbe Environment-variable access.
pkgs/python/[email protected]/src/cassio/config/__init__.py:95
                "ASTRA_DB_ID", os.environ.get("ASTRA_DB_DATABASE_ID")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #60041e6a3e8c39a8 Filesystem access.
pkgs/python/[email protected]/src/cassio/config/bundle_download.py:77
    with open(out_file_path, "wb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #5dfd111e588a9495 Filesystem access.
pkgs/python/[email protected]/src/cassio/config/bundle_management.py:35
    with open(file_path) as o_file:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #ab1f33751e8c3e85 Filesystem access.
pkgs/python/[email protected]/src/cassio/config/bundle_management.py:87
            config = json.load(open(os.path.join(temp_dir, CONFIG_FILE_NAME)))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

chardet

python dependency
expand_more 38 low-confidence finding(s)
low env_fs tooling Excluded from app score unreachable #41f2f3280a893333 Filesystem access.
pkgs/python/[email protected]/scripts/benchmark_char_dataset.py:132
        data = filepath.read_bytes()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #a92f989a39c2ec89 Filesystem access.
pkgs/python/[email protected]/scripts/benchmark_char_dataset.py:208
        tmp.write_text(
            "import charset_normalizer; print(charset_normalizer.__version__)"
        )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #f5c184a5fa27c844 Filesystem access.
pkgs/python/[email protected]/scripts/benchmark_char_dataset.py:243
        script.write_text(_CN_DETECT_SCRIPT)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #8e3c57ee06d1784b Filesystem access.
pkgs/python/[email protected]/scripts/benchmark_char_dataset.py:324
        data_bytes = filepath.read_bytes()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #70154515f774bdb7 Filesystem access.
pkgs/python/[email protected]/scripts/benchmark_char_dataset.py:413
    return hashlib.sha256(filepath.read_bytes()).hexdigest()[:12]

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #b1e106f59460f51c Filesystem access.
pkgs/python/[email protected]/scripts/compare_detectors.py:95
                cn_hashes.add(_norm_hash(f.read_bytes()))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #c47b7a830f9cbd52 Filesystem access.
pkgs/python/[email protected]/scripts/compare_detectors.py:101
        if _norm_hash(fp.read_bytes()) in cn_hashes

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #a04b77b54d641e53 Filesystem access.
pkgs/python/[email protected]/scripts/compare_detectors.py:139
        h.update(p.read_bytes())

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #1ca7479c33100222 Filesystem access.
pkgs/python/[email protected]/scripts/compare_detectors.py:223
        tmp.write_text(script)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #f5b209a30d499a44 Filesystem access.
pkgs/python/[email protected]/scripts/compare_detectors.py:249
        tmp.write_text(script)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #e751a9f54bdf2a5b Filesystem access.
pkgs/python/[email protected]/scripts/compare_detectors.py:282
        tmp.write_text(script)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #23304c6102a720a5 Filesystem access.
pkgs/python/[email protected]/scripts/compare_detectors.py:317
            tmp.write_text("import chardet; print(chardet.__version__)")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #c5a6e1258945c7b2 Environment-variable access.
pkgs/python/[email protected]/scripts/compare_detectors.py:375
        if os.environ.get("HATCH_BUILD_HOOK_ENABLE_MYPYC", "").lower() in (

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #82ad5b025d8312e0 Filesystem access.
pkgs/python/[email protected]/scripts/compare_detectors.py:719
        and is_equivalent_detection(filepath.read_bytes(), expected_encoding, detected)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #ba6934b4a29c7870 Environment-variable access.
pkgs/python/[email protected]/scripts/compare_detectors.py:1313
            k: v for k, v in os.environ.items() if k != "HATCH_BUILD_HOOK_ENABLE_MYPYC"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #9ebb221018c17b25 Environment-variable access.
pkgs/python/[email protected]/scripts/compare_detectors.py:1334
            env={**os.environ, "HATCH_BUILD_HOOK_ENABLE_MYPYC": "true"},

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #f10dded32ff6267e Filesystem access.
pkgs/python/[email protected]/scripts/confusion_training.py:209
    data = input_path.read_bytes()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #0288a6c1199ecdd6 Filesystem access.
pkgs/python/[email protected]/scripts/data_sources.py:154
        texts.append(p.read_text(encoding="utf-8"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #c515146e48be5851 Filesystem access.
pkgs/python/[email protected]/scripts/data_sources.py:161
    (cache_dir / f"{index:06d}.txt").write_text(text, encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #732a96291155f5d8 Filesystem access.
pkgs/python/[email protected]/scripts/data_sources.py:176
    (cache_dir / _SENTINEL_FILE).write_text(
        _hash_exclusion_set(exclusions) + "\n",
        encoding="utf-8",
    )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #9f8e9963dd34167d Filesystem access.
pkgs/python/[email protected]/scripts/data_sources.py:187
    stored = sentinel.read_text(encoding="utf-8").strip()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #876f13111dd3b4c2 Filesystem access.
pkgs/python/[email protected]/scripts/diagnose_accuracy.py:73
        data = filepath.read_bytes()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #92a841fc78af1dde Filesystem access.
pkgs/python/[email protected]/scripts/exclusions.py:81
                raw_bytes = filepath.read_bytes()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #88d5bb45e4523ae0 Filesystem access.
pkgs/python/[email protected]/scripts/profile_detection.py:65
        data = filepath.read_bytes()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #4692f58df17dfd51 Filesystem access.
pkgs/python/[email protected]/scripts/profile_detection.py:75
        warmup_data = test_files[0][2].read_bytes()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #e004d96828168e01 Filesystem access.
pkgs/python/[email protected]/scripts/profile_detection.py:83
        data = filepath.read_bytes()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #921997941fb5f8bf Environment-variable access.
pkgs/python/[email protected]/scripts/profile_detection.py:330
            env={**os.environ, "HATCH_BUILD_HOOK_ENABLE_MYPYC": "true"},

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #08424d874e2e7264 Environment-variable access.
pkgs/python/[email protected]/scripts/profile_detection.py:368
                **os.environ,

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #e876efb727a27d4c Environment-variable access.
pkgs/python/[email protected]/scripts/profile_detection.py:370
                "PATH": f"{venv_dir / 'bin'}:{os.environ.get('PATH', '')}",

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #ed5cdc6c4269e982 Filesystem access.
pkgs/python/[email protected]/scripts/train.py:163
    data = input_path.read_bytes()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #9e1055cc22b0b7cc Filesystem access.
pkgs/python/[email protected]/scripts/train.py:383
    path.write_text("\n".join(lines) + "\n", encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #2fa4959c849643d1 Filesystem access.
pkgs/python/[email protected]/scripts/utils.py:76
        (local_data / _REF_FILE).write_text(ref_label + "\n")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #52cc5815e4f4d890 Filesystem access.
pkgs/python/[email protected]/scripts/utils.py:99
        if ref_file.is_file() and ref_file.read_text().strip() == desired_label:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #9d05d96fb067bb73 Filesystem access.
pkgs/python/[email protected]/scripts/utils.py:270
    return [(enc, lang, fp, fp.read_bytes()) for enc, lang, fp in test_files]

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #bad45547e6cfb0fa Filesystem access.
pkgs/python/[email protected]/scripts/verify_no_overlap.py:45
                text = article_file.read_text(encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #5658dcbc23d2871c Filesystem access.
pkgs/python/[email protected]/src/chardet/models/__init__.py:104
    data = ref.read_bytes()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #8d184957bce784c6 Filesystem access.
pkgs/python/[email protected]/src/chardet/models/__init__.py:195
    data = ref.read_bytes()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #3d91a84320edc74a Filesystem access.
pkgs/python/[email protected]/src/chardet/pipeline/confusion.py:121
    raw = ref.read_bytes()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

clickhouse-connect

python dependency
expand_more 29 low-confidence finding(s)
low env_fs dependency Excluded from app score #429ac11a6546e2fa Filesystem access.
pkgs/python/[email protected]/clickhouse_connect/datatypes/base.py:162
        null_map = source.read_bytes(num_rows)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #b9c362277d26ee35 Filesystem access.
pkgs/python/[email protected]/clickhouse_connect/datatypes/network.py:75
            int_value = ifb(source.read_bytes(16), 'big')

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #43a1def1636d04b7 Filesystem access.
pkgs/python/[email protected]/clickhouse_connect/datatypes/network.py:97
            x = source.read_bytes(16)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #5a31d2d14b9ed953 Filesystem access.
pkgs/python/[email protected]/clickhouse_connect/datatypes/numeric.py:91
                app(str(ifb(source.read_bytes(sz), 'little', signed=signed)))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #23e79cfcac0eac99 Filesystem access.
pkgs/python/[email protected]/clickhouse_connect/datatypes/numeric.py:94
                app(ifb(source.read_bytes(sz), 'little', signed=signed))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #8df5ae4d5fb1c69c Filesystem access.
pkgs/python/[email protected]/clickhouse_connect/datatypes/numeric.py:184
        column = source.read_bytes(num_rows)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #e8ab52ae513c6332 Filesystem access.
pkgs/python/[email protected]/clickhouse_connect/datatypes/numeric.py:317
                app(dec(str(ifb(source.read_bytes(sz), 'little', signed=True))))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #729b3ec2bf296b30 Filesystem access.
pkgs/python/[email protected]/clickhouse_connect/datatypes/numeric.py:320
            x = ifb(source.read_bytes(sz), 'little', signed=True)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #6c98c836e62f854f Filesystem access.
pkgs/python/[email protected]/clickhouse_connect/driver/buffer.py:73
        return self.read_bytes(sz).decode()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #d71b735c5344e941 Filesystem access.
pkgs/python/[email protected]/clickhouse_connect/driver/buffer.py:76
        return int.from_bytes(self.read_bytes(8), 'little', signed=False)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #1d2798f28f73b75a Filesystem access.
pkgs/python/[email protected]/clickhouse_connect/driver/buffer.py:85
        null_map = self.read_bytes(num_rows) if nullable else None

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #36203219f8b8afc1 Filesystem access.
pkgs/python/[email protected]/clickhouse_connect/driver/buffer.py:95
            x = self.read_bytes(sz)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #0268872ffcf36071 Filesystem access.
pkgs/python/[email protected]/clickhouse_connect/driver/buffer.py:108
        source = self.read_bytes(sz * num_rows)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #acf85397e464bda4 Filesystem access.
pkgs/python/[email protected]/clickhouse_connect/driver/buffer.py:112
        source = self.read_bytes(sz * num_rows)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f2c116ed717a08ec Filesystem access.
pkgs/python/[email protected]/clickhouse_connect/driver/buffer.py:125
        b = self.read_bytes(sz)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #3f9fc891e2d243ef Environment-variable access.
pkgs/python/[email protected]/clickhouse_connect/driver/ctypes.py:19
    if not coerce_bool(os.environ.get('CLICKHOUSE_CONNECT_USE_C', True)):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #6cdbbc72733dc782 Filesystem access.
pkgs/python/[email protected]/clickhouse_connect/driver/dataconv.py:85
    null_map = source.read_bytes(num_rows)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #0851ab92d653f106 Filesystem access.
pkgs/python/[email protected]/clickhouse_connect/driver/external.py:24
                with open(file_path, 'rb') as file:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #edd2251ca49cd310 Environment-variable access.
pkgs/python/[email protected]/clickhouse_connect/driver/httputil.py:157
    proxy = os.environ.get(env_var)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #6b9b71b594ebda7c Environment-variable access.
pkgs/python/[email protected]/clickhouse_connect/driver/httputil.py:159
        proxy = os.environ.get(env_var.upper())

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #fe894a88c877b1d6 Environment-variable access.
pkgs/python/[email protected]/clickhouse_connect/driver/httputil.py:162
    no_proxy = os.environ.get('no_proxy')

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #010515268f0b4484 Environment-variable access.
pkgs/python/[email protected]/clickhouse_connect/driver/httputil.py:164
        no_proxy = os.environ.get('NO_PROXY')

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #1dca05b2babff4d9 Filesystem access.
pkgs/python/[email protected]/clickhouse_connect/driver/npconv.py:8
    buffer = source.read_bytes(dtype.itemsize * num_rows)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #6d0ba3907ca19395 Filesystem access.
pkgs/python/[email protected]/clickhouse_connect/driver/tools.py:27
    with open(file_path, 'rb') as file:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #fe4f9f7cd1af9d76 Filesystem access.
pkgs/python/[email protected]/clickhouse_connect/driver/transform.py:32
                        source.read_bytes(8)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #cfd162f0c99a6c85 Environment-variable access.
pkgs/python/[email protected]/clickhouse_connect/driver/tzutil.py:37
    local_tz = pytz.timezone(os.environ.get('TZ', ''))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #7ac3364028e2a3c9 Filesystem access.
pkgs/python/[email protected]/setup.py:30
    with open(os.path.join(project_dir, 'README.md'), encoding='utf-8') as read_me:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #8121438667233515 Filesystem access.
pkgs/python/[email protected]/setup.py:35
        with open(os.path.join(project_dir, '.dev_version'), encoding='utf-8') as version_file:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #c4681b8a22c60441 Filesystem access.
pkgs/python/[email protected]/setup.py:38
        with open(os.path.join(project_dir, 'clickhouse_connect', '__version__.py'), encoding='utf-8') as version_file:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

cryptography

python dependency
expand_more 22 low-confidence finding(s)
low env_fs tooling Excluded from app score unreachable #42c826eb6e833840 Filesystem access.
pkgs/python/[email protected]/docs/conf.py:88
with open(os.path.join(base_dir, "src", "cryptography", "__about__.py")) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #a0064fd7d00bd266 Filesystem access.
pkgs/python/[email protected]/docs/development/custom-vectors/aes-192-gcm-siv/generate_aes192gcmsiv.py:52
    with open(filename) as vector_file:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #cce71f5dc2d3380d Filesystem access.
pkgs/python/[email protected]/docs/development/custom-vectors/aes-192-gcm-siv/generate_aes192gcmsiv.py:81
    with open(filename, "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #bd2e79a8b1e8146d Filesystem access.
pkgs/python/[email protected]/docs/development/custom-vectors/arc4/generate_arc4.py:92
    with open(filename, "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #aeaccf3f2d9b82ba Filesystem access.
pkgs/python/[email protected]/docs/development/custom-vectors/cast5/generate_cast5.py:28
    with open(filename) as vector_file:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #6182525043c15aa1 Filesystem access.
pkgs/python/[email protected]/docs/development/custom-vectors/cast5/generate_cast5.py:52
    with open(filename, "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #4b707f759995a694 Filesystem access.
pkgs/python/[email protected]/docs/development/custom-vectors/hkdf/generate_hkdf.py:34
    with open(filename, "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #93ff3695f9177eaa Filesystem access.
pkgs/python/[email protected]/docs/development/custom-vectors/idea/generate_idea.py:18
    with open(filename) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #11b7b7cb606996d1 Filesystem access.
pkgs/python/[email protected]/docs/development/custom-vectors/idea/generate_idea.py:50
    with open(filename, "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #7f063d1e16ba48d7 Filesystem access.
pkgs/python/[email protected]/docs/development/custom-vectors/idea/verify_idea.py:22
    with open(filename) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #f89b296e7b466c08 Filesystem access.
pkgs/python/[email protected]/docs/development/custom-vectors/rsa-oaep-sha2/generate_rsa_oaep_sha2.py:98
    with open(filename, "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #f0a0cc720cfe2a0f Filesystem access.
pkgs/python/[email protected]/docs/development/custom-vectors/seed/generate_seed.py:18
    with open(filename) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #959964c807882d1d Filesystem access.
pkgs/python/[email protected]/docs/development/custom-vectors/seed/generate_seed.py:49
    with open(filename, "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #47a8a9b940515968 Filesystem access.
pkgs/python/[email protected]/docs/development/custom-vectors/seed/verify_seed.py:20
    with open(filename) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #b874e2e8cf1f48d0 Environment-variable access.
pkgs/python/[email protected]/noxfile.py:64
        rustflags = os.environ.get("RUSTFLAGS", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #6a7a2164dedd5a13 Environment-variable access.
pkgs/python/[email protected]/noxfile.py:239
    rustflags = os.environ.get("RUSTFLAGS", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #6926b59b11472900 Environment-variable access.
pkgs/python/[email protected]/noxfile.py:291
    if "CARGO_INCREMENTAL" not in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #3bed33543d0de9a1 Filesystem access.
pkgs/python/[email protected]/noxfile.py:406
        with open(f"{uuid.uuid4()}.lcov", "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #ef130e51f8036150 Filesystem access.
pkgs/python/[email protected]/release.py:54
    content = p.read_text()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #82234e67f0a53fc3 Filesystem access.
pkgs/python/[email protected]/release.py:60
    p.write_text(new_content)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #5d1c5e22c18ff116 Environment-variable access.
pkgs/python/[email protected]/src/_cffi_src/build_openssl.py:49
    out_dir = os.environ["OUT_DIR"]

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #27bb70bbef1b4edb Filesystem access.
pkgs/python/[email protected]/src/_cffi_src/utils.py:16
with open(os.path.join(base_src, "cryptography", "__about__.py")) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

ctransformers

python dependency
expand_more 9 low-confidence finding(s)
low env_fs dependency Excluded from app score #961494d76dbe68aa Filesystem access.
pkgs/python/[email protected]/ctransformers/hub.py:88
        with open(path) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #acf3a30e706a9439 Environment-variable access.
pkgs/python/[email protected]/ctransformers/llm.py:120
    if hasattr(os, "add_dll_directory") and "CUDA_PATH" in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #c4a48618436cc55a Environment-variable access.
pkgs/python/[email protected]/ctransformers/llm.py:121
        os.add_dll_directory(os.path.join(os.environ["CUDA_PATH"], "bin"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #78f1d1be61e98bac Filesystem access.
pkgs/python/[email protected]/ctransformers/utils.py:8
    with open(path, "rb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #6a33578243bf8629 Filesystem access.
pkgs/python/[email protected]/scripts/docs.py:47
with open(README) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #048deba35be90f64 Filesystem access.
pkgs/python/[email protected]/scripts/docs.py:58
with open(README, mode="w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #6bdee0a5a7faeb0b Environment-variable access.
pkgs/python/[email protected]/setup.py:4
if os.environ.get("CT_WHEEL") == "1":

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #921c3de4a0eae2cf Environment-variable access.
pkgs/python/[email protected]/setup.py:11
        value = os.environ.get(key)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #185c9a797b1197fd Filesystem access.
pkgs/python/[email protected]/setup.py:17
with open("README.md") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

defusedxml

python dependency
expand_more 8 low-confidence finding(s)
low env_fs dependency Excluded from app score #0f051ab69254da64 Filesystem access.
pkgs/python/[email protected]/defusedxml/expatbuilder.py:84
        fp = open(file, "rb")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #6c9b42d8decc1c40 Filesystem access.
pkgs/python/[email protected]/other/python_genshi.py:6
with open(sys.argv[1]) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #7febd7cfb5537546 Filesystem access.
pkgs/python/[email protected]/setup.py:27
with open("README.txt") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #6d43170e80862a5c Filesystem access.
pkgs/python/[email protected]/setup.py:29
with open("CHANGES.txt") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f903f9996d9d57bf Environment-variable access.
pkgs/python/[email protected]/tests.py:59
os.environ["http_proxy"] = "http://127.0.9.1:9"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #4ef66ef12cd116fb Environment-variable access.
pkgs/python/[email protected]/tests.py:60
os.environ["https_proxy"] = os.environ["http_proxy"]

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f8b9a3fac77027eb Environment-variable access.
pkgs/python/[email protected]/tests.py:61
os.environ["ftp_proxy"] = os.environ["http_proxy"]

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #ce66cd9cbca00c27 Filesystem access.
pkgs/python/[email protected]/tests.py:83
        with io.open(xmlfile, mode) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

duckdb

python dependency
expand_more 21 low-confidence finding(s)
low env_fs dependency Excluded from app score #878a61cc35ba9744 Filesystem access.
pkgs/python/[email protected]/duckdb_packaging/build_backend.py:126
    _version_file_path().write_text(long_version, encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #80876f46f2926147 Filesystem access.
pkgs/python/[email protected]/duckdb_packaging/build_backend.py:131
    return _version_file_path().read_text(encoding="utf-8").strip()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #3e59ebec490ecb73 Environment-variable access.
pkgs/python/[email protected]/duckdb_packaging/pypi_cleanup.py:177
    password = os.getenv("PYPI_CLEANUP_PASSWORD")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #86d6b8448333fa50 Environment-variable access.
pkgs/python/[email protected]/duckdb_packaging/pypi_cleanup.py:178
    otp = os.getenv("PYPI_CLEANUP_OTP")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #e00ee764a8d2fb0e Environment-variable access.
pkgs/python/[email protected]/duckdb_packaging/setuptools_scm_version.py:29
    from_env = os.getenv("MAIN_BRANCH_VERSIONING")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #0dd7bd57e64d26e0 Environment-variable access.
pkgs/python/[email protected]/duckdb_packaging/setuptools_scm_version.py:92
    override_value = os.getenv(OVERRIDE_GIT_DESCRIBE_ENV_VAR)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #e184dda37766200f Environment-variable access.
pkgs/python/[email protected]/duckdb_packaging/setuptools_scm_version.py:98
        os.environ[SCM_PRETEND_ENV_VAR] = pep440_version

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #8a38dd3cc6505858 Environment-variable access.
pkgs/python/[email protected]/duckdb_packaging/setuptools_scm_version.py:100
    elif SCM_PRETEND_ENV_VAR in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #de1e980413fe6c50 Environment-variable access.
pkgs/python/[email protected]/duckdb_packaging/setuptools_scm_version.py:104
    if SCM_GLOBAL_PRETEND_ENV_VAR in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #e71914cc3b27dfa3 Environment-variable access.
pkgs/python/[email protected]/duckdb_packaging/setuptools_scm_version.py:146
    del os.environ[env_var]

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #2987dc20db6c51e4 Filesystem access.
pkgs/python/[email protected]/external/duckdb/extension/autocomplete/inline_grammar.py:52
    with open(filepath, "r") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #04be73c91c64c884 Filesystem access.
pkgs/python/[email protected]/external/duckdb/extension/autocomplete/inline_grammar.py:81
with open(output_path, "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #97772f89ef06f0e3 Filesystem access.
pkgs/python/[email protected]/external/duckdb/extension/autocomplete/inline_grammar.py:116
with open(os.path.join(statements_dir, "common.gram"), 'r') as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #208b307564e9be0c Filesystem access.
pkgs/python/[email protected]/external/duckdb/extension/autocomplete/inline_grammar.py:124
    with open(os.path.join(keywords_dir, file), 'r') as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #a4f70111626beb03 Filesystem access.
pkgs/python/[email protected]/external/duckdb/extension/autocomplete/inline_grammar.py:133
        with open(os.path.join(statements_dir, file), 'r') as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #7b91a131f96ff253 Filesystem access.
pkgs/python/[email protected]/external/duckdb/extension/autocomplete/inline_grammar.py:142
    with open(grammar_file, 'w+') as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #7f79c2f743136f34 Filesystem access.
pkgs/python/[email protected]/external/duckdb/extension/autocomplete/inline_grammar.py:156
with open(target_file, 'w+') as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #7d6d90af7b6b44ab Filesystem access.
pkgs/python/[email protected]/external/duckdb/third_party/brotli/enc/resolve-multi-includes.py:12
    file_lines = open(filename, 'r').readlines()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #75c3f069b0528d7b Filesystem access.
pkgs/python/[email protected]/external/duckdb/third_party/brotli/enc/resolve-multi-includes.py:16
    out = open (filename, 'w')

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #79710abbb28510ee Filesystem access.
pkgs/python/[email protected]/external/duckdb/third_party/brotli/enc/resolve-multi-includes.py:21
            include = open(match, 'r').readlines();

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f6456de92a78878f Filesystem access.
pkgs/python/[email protected]/external/duckdb/third_party/mbedtls/inline_mbedtls.py:36
        with open(target_file, 'r') as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

dynaconf

python dependency
expand_more 48 low-confidence finding(s)
low env_fs dependency Excluded from app score #befb28df80d955f9 Environment-variable access.
pkgs/python/[email protected]/dynaconf/base.py:126
        settings_module = settings_module or os.environ.get(environment_var)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #a73bd04c54ba45fb Environment-variable access.
pkgs/python/[email protected]/dynaconf/base.py:332
        return os.environ

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #e0dbe6a6e4ad6387 Environment-variable access.
pkgs/python/[email protected]/dynaconf/base.py:899
            os.environ.get(

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f038fbb541532538 Environment-variable access.
pkgs/python/[email protected]/dynaconf/base.py:899
            os.environ.get(
                self.ENVVAR_FOR_DYNACONF, self.SETTINGS_FILE_FOR_DYNACONF
            ),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #7f6ebc0c82aca10f Environment-variable access.
pkgs/python/[email protected]/dynaconf/base.py:1829
        boolean_fix(os.environ.get("LOAD_DOTENV_FOR_DYNACONF")),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #0468e61aefc1e4e0 Environment-variable access.
pkgs/python/[email protected]/dynaconf/cli.py:44
os.environ["PYTHONIOENCODING"] = "utf-8"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #87bacb3614800518 Environment-variable access.
pkgs/python/[email protected]/dynaconf/cli.py:78
    elif "FLASK_APP" in os.environ:  # pragma: no cover

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #34847e0f72f606e2 Environment-variable access.
pkgs/python/[email protected]/dynaconf/cli.py:83
            app_import_path = os.environ["FLASK_APP"]

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #8dcfd52687a8ffed Environment-variable access.
pkgs/python/[email protected]/dynaconf/cli.py:92
    elif "DJANGO_SETTINGS_MODULE" in os.environ:  # pragma: no cover

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #281e2871a1fa6a1b Environment-variable access.
pkgs/python/[email protected]/dynaconf/cli.py:98
            os.environ["DJANGO_SETTINGS_MODULE"]

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #ca5799421cadd009 Environment-variable access.
pkgs/python/[email protected]/dynaconf/cli.py:293
@click.option("--django", default=os.environ.get("DJANGO_SETTINGS_MODULE"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #bc9c27f12901e77d Environment-variable access.
pkgs/python/[email protected]/dynaconf/cli.py:312
    if "FLASK_APP" in os.environ:  # pragma: no cover

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #b6c1983be5422726 Filesystem access.
pkgs/python/[email protected]/dynaconf/cli.py:339
            with open(filename, "w") as new_settings:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #a1c56a9370207cb8 Filesystem access.
pkgs/python/[email protected]/dynaconf/cli.py:431
            with open(str(gitignore_path), "w", encoding=ENC) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #b627f5cabfc6a055 Filesystem access.
pkgs/python/[email protected]/dynaconf/cli.py:435
                ignore_line in open(str(gitignore_path), encoding=ENC).read()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #be245d32b44c8a09 Filesystem access.
pkgs/python/[email protected]/dynaconf/cli.py:438
                with open(str(gitignore_path), "a+", encoding=ENC) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #7416c0e47b1ac6f7 Filesystem access.
pkgs/python/[email protected]/dynaconf/cli.py:455
            with open(dj_filename, "a") as dj_file:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #fbd0f034db3e25bb Filesystem access.
pkgs/python/[email protected]/dynaconf/cli.py:804
        validation_data = tomllib.load(open(str(path), "rb"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #7d8b45d685a787f8 Filesystem access.
pkgs/python/[email protected]/dynaconf/cli.py:811
            open(str(path), encoding=default_settings.ENCODING_FOR_DYNACONF),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #9ebf38307fbdd711 Environment-variable access.
pkgs/python/[email protected]/dynaconf/contrib/django_dynaconf_v2.py:83
            os.environ["DJANGO_SETTINGS_MODULE"]

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #c47625df54c3ffa9 Environment-variable access.
pkgs/python/[email protected]/dynaconf/default_settings.py:20
            if older_key in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #9cd115c67a9bfcb7 Environment-variable access.
pkgs/python/[email protected]/dynaconf/default_settings.py:25
                value = os.environ[older_key]

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #8872b887f2356d0c Environment-variable access.
pkgs/python/[email protected]/dynaconf/default_settings.py:30
    value = os.environ.get(upperfy(key))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #05a460bf3f5e5a94 Environment-variable access.
pkgs/python/[email protected]/dynaconf/default_settings.py:65
    warn_deprecations(os.environ)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #bf2783f21f9bfe2b Filesystem access.
pkgs/python/[email protected]/dynaconf/loaders/base.py:100
                    with open(source_file, **self.opener_params) as open_file:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #596d03e2e4cdaf5f Environment-variable access.
pkgs/python/[email protected]/dynaconf/loaders/env_loader.py:89
        value = environ.get(f"{env_}{key}")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #0cb96758a5cf228d Environment-variable access.
pkgs/python/[email protected]/dynaconf/loaders/env_loader.py:115
            for key, value in environ.items()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #0565f93330923fe8 Filesystem access.
pkgs/python/[email protected]/dynaconf/loaders/ini_loader.py:71
        with open(
            str(settings_path), encoding=default_settings.ENCODING_FOR_DYNACONF
        ) as open_file:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #7a6765d48787fd6d Filesystem access.
pkgs/python/[email protected]/dynaconf/loaders/ini_loader.py:77
    new.write(open(str(settings_path), "bw"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #789b302532dbee11 Filesystem access.
pkgs/python/[email protected]/dynaconf/loaders/json_loader.py:78
        with open(
            str(settings_path), encoding=default_settings.ENCODING_FOR_DYNACONF
        ) as open_file:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #7d9029571ca9362d Filesystem access.
pkgs/python/[email protected]/dynaconf/loaders/json_loader.py:83
    with open(
        str(settings_path),
        "w",
        encoding=default_settings.ENCODING_FOR_DYNACONF,
    ) as open_file:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #d2fdc392b3db2f32 Filesystem access.
pkgs/python/[email protected]/dynaconf/loaders/py_loader.py:157
        with open(
            _find_file(filename),
            encoding=default_settings.ENCODING_FOR_DYNACONF,
        ) as config_file:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #421334c6a2b6c7a4 Filesystem access.
pkgs/python/[email protected]/dynaconf/loaders/py_loader.py:185
    with open(
        str(settings_path),
        "w",
        encoding=default_settings.ENCODING_FOR_DYNACONF,
    ) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #fc8e4a953f8151f5 Filesystem access.
pkgs/python/[email protected]/dynaconf/loaders/toml_loader.py:103
            with open(str(settings_path), "rb") as open_file:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #5c417e1b64c52dba Filesystem access.
pkgs/python/[email protected]/dynaconf/loaders/toml_loader.py:107
            with open(
                str(settings_path),
                encoding=default_settings.ENCODING_FOR_DYNACONF,
            ) as open_file:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #2eae2f3bb31afce8 Filesystem access.
pkgs/python/[email protected]/dynaconf/loaders/toml_loader.py:114
        with open(str(settings_path), "wb") as open_file:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #88ff5b98eb29aea7 Filesystem access.
pkgs/python/[email protected]/dynaconf/loaders/toml_loader.py:118
        with open(
            str(settings_path),
            "w",
            encoding=default_settings.ENCODING_FOR_DYNACONF,
        ) as open_file:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f82e3b99646cc473 Filesystem access.
pkgs/python/[email protected]/dynaconf/loaders/yaml_loader.py:42
                    with open(source_file, **self.opener_params) as open_file:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #a198526f5d250d41 Filesystem access.
pkgs/python/[email protected]/dynaconf/loaders/yaml_loader.py:128
        with open(
            str(settings_path), encoding=default_settings.ENCODING_FOR_DYNACONF
        ) as open_file:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #700a24a4333d473b Filesystem access.
pkgs/python/[email protected]/dynaconf/loaders/yaml_loader.py:133
    with open(
        str(settings_path),
        "w",
        encoding=default_settings.ENCODING_FOR_DYNACONF,
    ) as open_file:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #4727dea34201a397 Filesystem access.
pkgs/python/[email protected]/dynaconf/nodes.py:462
            with open(filename, "w", encoding=encoding, errors=errors) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #4285d91d1466d223 Environment-variable access.
pkgs/python/[email protected]/dynaconf/utils/__init__.py:311
        self.environ = os.environ

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f9d961be1b2d239e Environment-variable access.
pkgs/python/[email protected]/dynaconf/utils/__init__.py:324
        return os.environ.get(key, default)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #bc810f9173d59679 Filesystem access.
pkgs/python/[email protected]/dynaconf/utils/files.py:94
    with open(path, **kwargs) as open_file:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #2751b82306c0decb Filesystem access.
pkgs/python/[email protected]/dynaconf/utils/inspect.py:188
        with open(to_file, "w", encoding=_encoding) as file:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #088b0510c05f7ff4 Filesystem access.
pkgs/python/[email protected]/dynaconf/utils/parse_conf.py:419
            with open(path, encoding="utf-8") as file:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #889d75b1edd4845a Environment-variable access.
pkgs/python/[email protected]/dynaconf/utils/parse_conf.py:494
        return {"env": os.environ, "this": self.settings}

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #8ad5cc2a76fea2fb Environment-variable access.
pkgs/python/[email protected]/dynaconf/utils/parse_conf.py:756
            os.environ.get("AUTO_CAST_FOR_DYNACONF", "true").lower()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

email-validator

python dependency
expand_more 4 low-confidence finding(s)
low env_fs dependency Excluded from app score #c7795c55fcf029f6 Environment-variable access.
pkgs/python/[email protected]/email_validator/__main__.py:35
        if varname in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #8bb947916f6cae56 Environment-variable access.
pkgs/python/[email protected]/email_validator/__main__.py:36
            options[varname.lower()] = bool(os.environ[varname])

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #2b75b59b5163d5a5 Environment-variable access.
pkgs/python/[email protected]/email_validator/__main__.py:38
        if varname in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #36a8e02ab5126379 Environment-variable access.
pkgs/python/[email protected]/email_validator/__main__.py:39
            options[varname.lower()] = float(os.environ[varname])

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

fastapi

python dependency
expand_more 64 low-confidence finding(s)
low env_fs dependency Excluded from app score #e3d0a8738b190a54 Filesystem access.
pkgs/python/[email protected]/docs_src/background_tasks/tutorial001_py310.py:7
    with open("log.txt", mode="w") as email_file:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #9acde482d2953d96 Filesystem access.
pkgs/python/[email protected]/docs_src/background_tasks/tutorial002_an_py310.py:9
    with open("log.txt", mode="a") as log:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #250af7ccf4b4e9d2 Filesystem access.
pkgs/python/[email protected]/docs_src/background_tasks/tutorial002_py310.py:7
    with open("log.txt", mode="a") as log:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #fc7f9727db5244c3 Filesystem access.
pkgs/python/[email protected]/docs_src/custom_response/tutorial008_py310.py:11
        with open(some_file_path, mode="rb") as file_like:  # (2)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #7c61343f30631188 Filesystem access.
pkgs/python/[email protected]/docs_src/events/tutorial002_py310.py:8
    with open("log.txt", mode="a") as log:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #0593b799f9afbf08 Filesystem access.
pkgs/python/[email protected]/docs_src/generate_clients/tutorial004_py310.py:5
openapi_content = json.loads(file_path.read_text())

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #888c2ae7ae0f76ec Filesystem access.
pkgs/python/[email protected]/docs_src/generate_clients/tutorial004_py310.py:15
file_path.write_text(json.dumps(openapi_content))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #bda1c5d1d5c73cc2 Filesystem access.
pkgs/python/[email protected]/scripts/add_latest_release_date.py:12
    with open(RELEASE_NOTES_FILE) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #65ed4be89320058c Filesystem access.
pkgs/python/[email protected]/scripts/add_latest_release_date.py:31
        with open(RELEASE_NOTES_FILE, "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress tooling Excluded from app score unreachable #f0f6bab2e3932f23 Hardcoded external endpoint. Review what data is sent to this destination.
pkgs/python/[email protected]/scripts/contributors.py:129
    response = httpx.post(
        github_graphql_url,
        headers=headers,
        timeout=settings.httpx_timeout,
        json={"query": query, "variables": variables, "operationName": "Q"},
    )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs tooling Excluded from app score unreachable #65f180902c242dc3 Filesystem access.
pkgs/python/[email protected]/scripts/contributors.py:227
    old_content = content_path.read_text(encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #8876c02585f84016 Filesystem access.
pkgs/python/[email protected]/scripts/contributors.py:233
    content_path.write_text(new_content, encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #2fbffdc04b8b33ce Filesystem access.
pkgs/python/[email protected]/scripts/docs.py:105
    return yaml.unsafe_load(en_config_path.read_text(encoding="utf-8"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #97ff39ef86e9b87a Environment-variable access.
pkgs/python/[email protected]/scripts/docs.py:129
    os.environ["DYLD_FALLBACK_LIBRARY_PATH"] = "/opt/homebrew/lib"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #22d894a18789d8ea Filesystem access.
pkgs/python/[email protected]/scripts/docs.py:143
    new_llm_prompt_path.write_text("", encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #9ad67db4c0780fed Filesystem access.
pkgs/python/[email protected]/scripts/docs.py:223
    missing_translation = (docs_path / "missing-translation.md").read_text(
        encoding="utf-8"
    )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #c0c4a089d0f1041b Filesystem access.
pkgs/python/[email protected]/scripts/docs.py:229
    translation_banner = translation_banner_path.read_text(encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #af903c0051a8e4e3 Filesystem access.
pkgs/python/[email protected]/scripts/docs.py:236
                markdown = translated_file.read_text(encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #5d3c5d4477831379 Filesystem access.
pkgs/python/[email protected]/scripts/docs.py:238
                    staged_file.write_text(markdown, encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #96e1564958264af2 Filesystem access.
pkgs/python/[email protected]/scripts/docs.py:242
                staged_file.write_text(
                    add_markdown_notice(markdown, banner), encoding="utf-8"
                )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #eb7d9ed42eba8189 Filesystem access.
pkgs/python/[email protected]/scripts/docs.py:246
                markdown = staged_file.read_text(encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #f0f2e54bfd73fdd2 Filesystem access.
pkgs/python/[email protected]/scripts/docs.py:247
                staged_file.write_text(
                    add_markdown_notice(markdown, missing_translation),
                    encoding="utf-8",
                )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #bfed239a1b29a391 Filesystem access.
pkgs/python/[email protected]/scripts/docs.py:277
    config_path.write_text(
        yaml.dump(config, sort_keys=False, width=200, allow_unicode=True),
        encoding="utf-8",
    )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #9f5a3cbb300c4650 Filesystem access.
pkgs/python/[email protected]/scripts/docs.py:295
    config = yaml.unsafe_load(config_path.read_text(encoding="utf-8"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #7e1a8ff06f87724d Filesystem access.
pkgs/python/[email protected]/scripts/docs.py:349
    content = en_index.read_text("utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #2da0e944e9fb7e72 Filesystem access.
pkgs/python/[email protected]/scripts/docs.py:355
    sponsors = yaml.safe_load(sponsors_data_path.read_text(encoding="utf-8"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #98a9ad01dac81f76 Filesystem access.
pkgs/python/[email protected]/scripts/docs.py:384
    old_content = readme_path.read_text("utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #2fcf03ccdb29ae81 Filesystem access.
pkgs/python/[email protected]/scripts/docs.py:389
        readme_path.write_text(new_content, encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #3b41d645f0c53201 Filesystem access.
pkgs/python/[email protected]/scripts/docs.py:430
        en_config_path.write_text(
            yaml.dump(updated_config, sort_keys=False, width=200, allow_unicode=True),
            encoding="utf-8",
        )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #1306a93e57bfdac5 Filesystem access.
pkgs/python/[email protected]/scripts/docs.py:488
        language_names_path.read_text(encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #a17dec90b2c36ca8 Filesystem access.
pkgs/python/[email protected]/scripts/docs.py:542
    sponsors = yaml.safe_load(sponsors_path.read_text(encoding="utf-8"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #ed8e693c3da2c24a Filesystem access.
pkgs/python/[email protected]/scripts/docs.py:553
    old_content = partial_path.read_text("utf-8") if partial_path.is_file() else ""

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #e429ed05e00c17e5 Filesystem access.
pkgs/python/[email protected]/scripts/docs.py:558
        partial_path.write_text(new_content, encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #2943fc2b9734089a Filesystem access.
pkgs/python/[email protected]/scripts/docs.py:609
    base_content = file_path.read_text(encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #875df06ee2da7e25 Filesystem access.
pkgs/python/[email protected]/scripts/docs.py:657
        version_file.write_text(content_format, encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #4d2ee750d5b4263c Filesystem access.
pkgs/python/[email protected]/scripts/docs.py:713
        content = md_file.read_text(encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #061badc8ae133a6c Filesystem access.
pkgs/python/[email protected]/scripts/docs.py:720
            md_file.write_text(new_content, encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #3cacbd378d8257d5 Filesystem access.
pkgs/python/[email protected]/scripts/docs.py:735
        all_docs_content += md_file.read_text(encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress tooling Excluded from app score unreachable #6fed309fcb71b51e Hardcoded external endpoint. Review what data is sent to this destination.
pkgs/python/[email protected]/scripts/notify_translations.py:218
    response = httpx.post(
        github_graphql_url,
        headers=headers,
        timeout=settings.httpx_timeout,
        json={"query": query, "variables": variables, "operationName": "Q"},
    )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs tooling Excluded from app score unreachable #18217b51064a286b Filesystem access.
pkgs/python/[email protected]/scripts/notify_translations.py:319
    contents = settings.github_event_path.read_text("utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress tooling Excluded from app score unreachable #481c7d9d57ca04d3 Hardcoded external endpoint. Review what data is sent to this destination.
pkgs/python/[email protected]/scripts/people.py:202
    response = httpx.post(
        github_graphql_url,
        headers=headers,
        timeout=settings.httpx_timeout,
        json={"query": query, "variables": variables, "operationName": "Q"},
    )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs tooling Excluded from app score unreachable #a7a252efd3f71f2b Filesystem access.
pkgs/python/[email protected]/scripts/people.py:384
    old_content = content_path.read_text(encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #7c393786d9194c4d Filesystem access.
pkgs/python/[email protected]/scripts/people.py:390
    content_path.write_text(new_content, encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #30c32a908eb9e59a Filesystem access.
pkgs/python/[email protected]/scripts/prepare_release.py:146
    version_file_content = version_file.read_text()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #ed372549f437f35a Filesystem access.
pkgs/python/[email protected]/scripts/prepare_release.py:147
    release_notes_content = release_notes_file.read_text()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #f076f37a609aac1c Filesystem access.
pkgs/python/[email protected]/scripts/prepare_release.py:152
    version_file.write_text(
        update_version_file(version_file_content, version, version_file)
    )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #24590b45cd716fb0 Filesystem access.
pkgs/python/[email protected]/scripts/prepare_release.py:155
    release_notes_file.write_text(
        update_release_notes(
            release_notes_content, version, parsed_release_date, release_notes_file
        )
    )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #a18eb8c86acb9c01 Filesystem access.
pkgs/python/[email protected]/scripts/prepare_release.py:178
    typer.echo(get_current_version(version_file.read_text(), version_file))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #371e5fa873707dc4 Filesystem access.
pkgs/python/[email protected]/scripts/prepare_release.py:206
    version = get_current_version(version_file.read_text(), version_file)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #8361d7917316afae Filesystem access.
pkgs/python/[email protected]/scripts/prepare_release.py:209
            release_notes_file.read_text(), version, release_notes_file

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress tooling Excluded from app score unreachable #db6b4950bee3a697 Hardcoded external endpoint. Review what data is sent to this destination.
pkgs/python/[email protected]/scripts/sponsors.py:100
    response = httpx.post(
        github_graphql_url,
        headers=headers,
        timeout=settings.httpx_timeout,
        json={"query": query, "variables": variables, "operationName": "Q"},
    )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs tooling Excluded from app score unreachable #ea7b71ee1aba13f2 Filesystem access.
pkgs/python/[email protected]/scripts/sponsors.py:148
    old_content = content_path.read_text(encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #e53c06b422e88f84 Filesystem access.
pkgs/python/[email protected]/scripts/sponsors.py:154
    content_path.write_text(new_content, encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #75ad1d25a680df30 Filesystem access.
pkgs/python/[email protected]/scripts/topic_repos.py:52
    repos_old_content = repos_path.read_text(encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #9e71c0f69cc90d29 Filesystem access.
pkgs/python/[email protected]/scripts/topic_repos.py:57
    repos_path.write_text(new_repos_content, encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #1d4da3a9882c11c9 Filesystem access.
pkgs/python/[email protected]/scripts/translate.py:31
general_prompt = general_prompt_path.read_text(encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #6f75bbeed8a1dc20 Filesystem access.
pkgs/python/[email protected]/scripts/translate.py:38
    return yaml.safe_load(Path("docs/language_names.yml").read_text(encoding="utf-8"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #304788ca68b283bc Filesystem access.
pkgs/python/[email protected]/scripts/translate.py:121
    lang_prompt_content = lang_prompt_path.read_text(encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #32fdb4a801e7447a Filesystem access.
pkgs/python/[email protected]/scripts/translate.py:129
    original_content = en_path.read_text(encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #680d611f71c98a8a Filesystem access.
pkgs/python/[email protected]/scripts/translate.py:133
        old_translation = out_path.read_text(encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #e8a33df5d11545da Filesystem access.
pkgs/python/[email protected]/scripts/translate.py:178
    out_path.write_text(out_content, encoding="utf-8", newline="\n")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #8847bff46dc570e6 Filesystem access.
pkgs/python/[email protected]/scripts/translation_fixer.py:81
        doc_lines = path.read_text(encoding="utf-8").splitlines()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #5e67c8f2105d7079 Filesystem access.
pkgs/python/[email protected]/scripts/translation_fixer.py:82
        en_doc_lines = en_doc_path.read_text(encoding="utf-8").splitlines()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #dc30b924d341c3ac Filesystem access.
pkgs/python/[email protected]/scripts/translation_fixer.py:94
        path.write_text("\n".join(doc_lines), encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

fastapi-pagination

python dependency
expand_more 1 low-confidence finding(s)
low env_fs tooling Excluded from app score unreachable #40c3b072e960bc25 Environment-variable access.
pkgs/python/[email protected]/examples/pagination_piccolo.py:19
os.environ["PICCOLO_CONF"] = __name__

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

google-api-python-client

python dependency
expand_more 12 low-confidence finding(s)
low env_fs dependency Excluded from app score #63ea37179eba2c59 Environment-variable access.
pkgs/python/[email protected]/googleapiclient/discovery.py:430
    if "REMOTE_ADDR" in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #ac841ab67dfbd9a2 Environment-variable access.
pkgs/python/[email protected]/googleapiclient/discovery.py:431
        actual_url = _add_query_parameter(url, "userIp", os.environ["REMOTE_ADDR"])

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #2c504e5d0eb7c159 Environment-variable access.
pkgs/python/[email protected]/googleapiclient/discovery.py:573
        universe_domain_env = os.getenv(GOOGLE_CLOUD_UNIVERSE_DOMAIN, None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #ef52a83d6b2d36cd Environment-variable access.
pkgs/python/[email protected]/googleapiclient/discovery.py:656
            use_client_cert_str = os.getenv(
                "GOOGLE_API_USE_CLIENT_CERTIFICATE", "false"
            ).lower()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #49914692dc874c72 Environment-variable access.
pkgs/python/[email protected]/googleapiclient/discovery.py:703
            use_mtls_endpoint = os.getenv(GOOGLE_API_USE_MTLS_ENDPOINT, "auto")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #0df85997690ffeff Environment-variable access.
pkgs/python/[email protected]/googleapiclient/discovery_cache/__init__.py:37
    if "GAE_ENV" in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #ee6f4a8bf5a25d54 Filesystem access.
pkgs/python/[email protected]/googleapiclient/discovery_cache/__init__.py:72
        with open(os.path.join(DISCOVERY_DOC_DIR, doc_name), "r") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #32fd25d86c2a2f9e Filesystem access.
pkgs/python/[email protected]/googleapiclient/http.py:594
        self._fd = open(self._filename, "rb")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #a0ac91e61814efd9 Filesystem access.
pkgs/python/[email protected]/googleapiclient/http.py:1735
            with open(filename, "rb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #e2395b10df17fdee Filesystem access.
pkgs/python/[email protected]/googleapiclient/sample_tools.py:104
        with open(discovery_filename) as discovery_file:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #8ac8cd53b3d3c266 Filesystem access.
pkgs/python/[email protected]/setup.py:52
with io.open(readme_filename, encoding="utf-8") as readme_file:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #2fad97b7f7b38755 Filesystem access.
pkgs/python/[email protected]/setup.py:58
with open(os.path.join(package_root, "googleapiclient/version.py")) as fp:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

grandalf

python dependency
expand_more 1 low-confidence finding(s)
low env_fs dependency Excluded from app score #0d95196b7c7ee07d Filesystem access.
pkgs/python/[email protected]/grandalf/utils/dot.py:398
        f = open(
            filename, "rb"
        )  # As it'll try to decode later on with utf-8, read it binary at this point.

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

greenlet

python dependency
expand_more 2 low-confidence finding(s)
low env_fs tooling Excluded from app score unreachable #29d9282cf5ce9cb6 Environment-variable access.
pkgs/python/[email protected]/benchmarks/chain.py:15
EXPOSE_FRAMES = 'EXPOSE_FRAMES' in os.environ

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #94972cb57069d075 Environment-variable access.
pkgs/python/[email protected]/setup.py:146
    if is_win and os.environ.get('GREENLET_STATIC_RUNTIME') in ('1', 'yes'):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

gunicorn

python dependency
expand_more 84 low-confidence finding(s)
low env_fs tooling Excluded from app score unreachable #a551814f96a9d68e Environment-variable access.
pkgs/python/[email protected]/examples/celery_alternative/gunicorn_conf.py:29
bind = os.environ.get("GUNICORN_BIND", "0.0.0.0:8000")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #3f07150a9154bf36 Environment-variable access.
pkgs/python/[email protected]/examples/celery_alternative/gunicorn_conf.py:33
workers = int(os.environ.get("GUNICORN_WORKERS", min(4, multiprocessing.cpu_count() + 1)))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #3d456868c67d3b04 Environment-variable access.
pkgs/python/[email protected]/examples/celery_alternative/gunicorn_conf.py:64
dirty_workers = int(os.environ.get("DIRTY_WORKERS", 9))  # 2+2+4+1 = 9

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #4f9d47336c01fce8 Environment-variable access.
pkgs/python/[email protected]/examples/celery_alternative/gunicorn_conf.py:67
dirty_timeout = int(os.environ.get("DIRTY_TIMEOUT", 300))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #7aef100422bf80e3 Environment-variable access.
pkgs/python/[email protected]/examples/celery_alternative/gunicorn_conf.py:70
dirty_threads = int(os.environ.get("DIRTY_THREADS", 1))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #197a973df745add9 Environment-variable access.
pkgs/python/[email protected]/examples/celery_alternative/gunicorn_conf.py:73
dirty_graceful_timeout = int(os.environ.get("DIRTY_GRACEFUL_TIMEOUT", 30))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #3406515e8ee949ab Environment-variable access.
pkgs/python/[email protected]/examples/celery_alternative/gunicorn_conf.py:94
loglevel = os.environ.get("LOG_LEVEL", "info")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #8e981955a4fc6414 Environment-variable access.
pkgs/python/[email protected]/examples/celery_alternative/gunicorn_conf.py:151
reload = os.environ.get("GUNICORN_RELOAD", "false").lower() == "true"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #cfab9d87f378ad02 Environment-variable access.
pkgs/python/[email protected]/examples/celery_alternative/gunicorn_conf.py:154
preload_app = os.environ.get("GUNICORN_PRELOAD", "false").lower() == "true"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #b2c50e3d13475f93 Environment-variable access.
pkgs/python/[email protected]/examples/dirty_example/gunicorn_conf.py:16
bind = os.environ.get("GUNICORN_BIND", "127.0.0.1:8000")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #e452cb734c1d9f4e Environment-variable access.
pkgs/python/[email protected]/examples/dirty_example/test_integration.py:47
    base = os.environ.get("TEST_BASE_URL", "http://localhost:8000")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #62cb906a84cc0408 Environment-variable access.
pkgs/python/[email protected]/examples/dirty_example/test_stash_integration.py:23
BASE_URL = os.environ.get("TEST_BASE_URL", "http://localhost:8000")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low pii_flow tooling Excluded from app score unreachable #90c0aafabd7e789a User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration. Non-production path — not application runtime.
pkgs/python/[email protected]/examples/dirty_example/test_stash_integration.py:30 · flow /tmp/closeopen-uhn6nk5u/pkgs/python/[email protected]/examples/dirty_example/test_stash_integration.py:23 → /tmp/closeopen-uhn6nk5u/pkgs/python/[email protected]/examples/dirty_example/test_stash_integration.py:30
        with urllib.request.urlopen(url, timeout=10) as resp:

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

low env_fs tooling Excluded from app score unreachable #60d7e0b2fc89893c Environment-variable access.
pkgs/python/[email protected]/examples/embedding_service/test_embedding.py:11
    base_url = os.environ.get("EMBEDDING_SERVICE_URL", "http://127.0.0.1:8000")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low pii_flow tooling Excluded from app score unreachable #1fa971363cf80b8c User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration. Non-production path — not application runtime.
pkgs/python/[email protected]/examples/embedding_service/test_embedding.py:15 · flow /tmp/closeopen-uhn6nk5u/pkgs/python/[email protected]/examples/embedding_service/test_embedding.py:11 → /tmp/closeopen-uhn6nk5u/pkgs/python/[email protected]/examples/embedding_service/test_embedding.py:15
    response = requests.post(url, json={"texts": ["Hello world"]})

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

low pii_flow tooling Excluded from app score unreachable #f24db4e4de1e9bba User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration. Non-production path — not application runtime.
pkgs/python/[email protected]/examples/embedding_service/test_embedding.py:23 · flow /tmp/closeopen-uhn6nk5u/pkgs/python/[email protected]/examples/embedding_service/test_embedding.py:11 → /tmp/closeopen-uhn6nk5u/pkgs/python/[email protected]/examples/embedding_service/test_embedding.py:23
    response = requests.post(url, json={"texts": texts})

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

low pii_flow tooling Excluded from app score unreachable #61e896206dfc3e72 User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration. Non-production path — not application runtime.
pkgs/python/[email protected]/examples/embedding_service/test_embedding.py:29 · flow /tmp/closeopen-uhn6nk5u/pkgs/python/[email protected]/examples/embedding_service/test_embedding.py:11 → /tmp/closeopen-uhn6nk5u/pkgs/python/[email protected]/examples/embedding_service/test_embedding.py:29
    response = requests.post(url, json={"texts": ["test", "test"]})

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

low env_fs tooling Excluded from app score unreachable #06d350fe7e8641b8 Environment-variable access.
pkgs/python/[email protected]/examples/frameworks/django/testing/manage.py:9
    os.environ.setdefault("DJANGO_SETTINGS_MODULE", "testing.settings")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress tooling Excluded from app score unreachable #8b2fc49eecb591ca Hardcoded external endpoint. Review what data is sent to this destination.
pkgs/python/[email protected]/examples/frameworks/django/testing/testing/apps/someapp/middleware.py:12
        requests.get('http://requestb.in/15s95oz1')

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs tooling Excluded from app score unreachable #1d742060eff3613c Environment-variable access.
pkgs/python/[email protected]/examples/frameworks/django/testing/testing/wsgi.py:28
os.environ.setdefault("DJANGO_SETTINGS_MODULE", "testing.settings")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #a95e077422413e99 Environment-variable access.
pkgs/python/[email protected]/examples/http2_gevent/gunicorn_conf.py:19
bind = os.environ.get('GUNICORN_BIND', '0.0.0.0:8443')

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #aca705728b935d6c Environment-variable access.
pkgs/python/[email protected]/examples/http2_gevent/gunicorn_conf.py:23
workers = int(os.environ.get('GUNICORN_WORKERS', multiprocessing.cpu_count() * 2 + 1))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #c3c68da841f5769c Environment-variable access.
pkgs/python/[email protected]/examples/http2_gevent/gunicorn_conf.py:33
certfile = os.environ.get('GUNICORN_CERTFILE', _default_cert)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #22dc9eae5a1de584 Environment-variable access.
pkgs/python/[email protected]/examples/http2_gevent/gunicorn_conf.py:34
keyfile = os.environ.get('GUNICORN_KEYFILE', _default_key)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #4f19f1126672eeaa Environment-variable access.
pkgs/python/[email protected]/examples/http2_gevent/gunicorn_conf.py:48
loglevel = os.environ.get('GUNICORN_LOG_LEVEL', 'info')

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #9b360c9303ac1200 Filesystem access.
pkgs/python/[email protected]/examples/read_django_settings.py:13
with open('frameworks/django/testing/testing/settings.py') as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #20006df80f8f99be Filesystem access.
pkgs/python/[email protected]/examples/sendfile.py:16
    f = open(fname, 'rb')

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #f507b5fb69f4f7b2 Environment-variable access.
pkgs/python/[email protected]/examples/streaming_chat/test_streaming.py:14
    base_url = os.environ.get("STREAMING_CHAT_URL", "http://127.0.0.1:8000")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low pii_flow tooling Excluded from app score unreachable #7d02de0fb8669d44 User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration. Non-production path — not application runtime.
pkgs/python/[email protected]/examples/streaming_chat/test_streaming.py:15 · flow /tmp/closeopen-uhn6nk5u/pkgs/python/[email protected]/examples/streaming_chat/test_streaming.py:14 → /tmp/closeopen-uhn6nk5u/pkgs/python/[email protected]/examples/streaming_chat/test_streaming.py:15
    response = requests.get(f"{base_url}/health")

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

low env_fs tooling Excluded from app score unreachable #e47e1a15431beb80 Environment-variable access.
pkgs/python/[email protected]/examples/streaming_chat/test_streaming.py:23
    base_url = os.environ.get("STREAMING_CHAT_URL", "http://127.0.0.1:8000")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low pii_flow tooling Excluded from app score unreachable #23983dbc56c490d5 User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration. Non-production path — not application runtime.
pkgs/python/[email protected]/examples/streaming_chat/test_streaming.py:25 · flow /tmp/closeopen-uhn6nk5u/pkgs/python/[email protected]/examples/streaming_chat/test_streaming.py:23 → /tmp/closeopen-uhn6nk5u/pkgs/python/[email protected]/examples/streaming_chat/test_streaming.py:25
    response = requests.post(
        f"{base_url}/chat",
        json={"prompt": "hello"},
        stream=True,
        headers={"Accept": "text/event-stream"}
    )

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

low env_fs tooling Excluded from app score unreachable #488453c2c6aa3859 Environment-variable access.
pkgs/python/[email protected]/examples/streaming_chat/test_streaming.py:56
    base_url = os.environ.get("STREAMING_CHAT_URL", "http://127.0.0.1:8000")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low pii_flow tooling Excluded from app score unreachable #ab0a474e43766a39 User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration. Non-production path — not application runtime.
pkgs/python/[email protected]/examples/streaming_chat/test_streaming.py:58 · flow /tmp/closeopen-uhn6nk5u/pkgs/python/[email protected]/examples/streaming_chat/test_streaming.py:56 → /tmp/closeopen-uhn6nk5u/pkgs/python/[email protected]/examples/streaming_chat/test_streaming.py:58
    response = requests.post(
        f"{base_url}/chat/sync",
        json={"prompt": "hello"}
    )

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

low env_fs tooling Excluded from app score unreachable #d615c14bdfeda635 Environment-variable access.
pkgs/python/[email protected]/examples/streaming_chat/test_streaming.py:72
    base_url = os.environ.get("STREAMING_CHAT_URL", "http://127.0.0.1:8000")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low pii_flow tooling Excluded from app score unreachable #76255e1d0d817020 User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration. Non-production path — not application runtime.
pkgs/python/[email protected]/examples/streaming_chat/test_streaming.py:74 · flow /tmp/closeopen-uhn6nk5u/pkgs/python/[email protected]/examples/streaming_chat/test_streaming.py:72 → /tmp/closeopen-uhn6nk5u/pkgs/python/[email protected]/examples/streaming_chat/test_streaming.py:74
    response = requests.post(
        f"{base_url}/chat",
        json={"prompt": "hello", "thinking": True},
        stream=True
    )

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

low env_fs tooling Excluded from app score unreachable #5c8e17c85472a5aa Environment-variable access.
pkgs/python/[email protected]/examples/streaming_chat/test_streaming.py:100
    base_url = os.environ.get("STREAMING_CHAT_URL", "http://127.0.0.1:8000")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low pii_flow tooling Excluded from app score unreachable #38c55253b7c2826b User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration. Non-production path — not application runtime.
pkgs/python/[email protected]/examples/streaming_chat/test_streaming.py:106 · flow /tmp/closeopen-uhn6nk5u/pkgs/python/[email protected]/examples/streaming_chat/test_streaming.py:100 → /tmp/closeopen-uhn6nk5u/pkgs/python/[email protected]/examples/streaming_chat/test_streaming.py:106
        response = requests.post(
            f"{base_url}/chat/sync",
            json={"prompt": prompt}
        )

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

low env_fs tooling Excluded from app score unreachable #9f00e053717d428c Environment-variable access.
pkgs/python/[email protected]/examples/streaming_chat/test_streaming.py:122
    base_url = os.environ.get("STREAMING_CHAT_URL", "http://127.0.0.1:8000")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low pii_flow tooling Excluded from app score unreachable #41e28890fa19855b User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration. Non-production path — not application runtime.
pkgs/python/[email protected]/examples/streaming_chat/test_streaming.py:124 · flow /tmp/closeopen-uhn6nk5u/pkgs/python/[email protected]/examples/streaming_chat/test_streaming.py:122 → /tmp/closeopen-uhn6nk5u/pkgs/python/[email protected]/examples/streaming_chat/test_streaming.py:124
    response = requests.post(
        f"{base_url}/chat",
        json={"prompt": "hello"},
        stream=True
    )

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

low env_fs tooling Excluded from app score unreachable #ae5e2f6946abccd6 Filesystem access.
pkgs/python/[email protected]/examples/websocket/gevent_websocket.py:445
        data = open(os.path.join(
                     os.path.dirname(__file__),
                     'websocket.html')).read()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #3735a968e48a9d3d Environment-variable access.
pkgs/python/[email protected]/gunicorn/app/base.py:220
            if os.environ.get('NOTIFY_SOCKET'):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #761b841d37d73a26 Environment-variable access.
pkgs/python/[email protected]/gunicorn/arbiter.py:54
        os.environ["SERVER_SOFTWARE"] = SERVER_SOFTWARE

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #406835579fd89488 Environment-variable access.
pkgs/python/[email protected]/gunicorn/arbiter.py:117
        if 'GUNICORN_PID' in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #a47911ae048ab832 Environment-variable access.
pkgs/python/[email protected]/gunicorn/arbiter.py:136
                os.environ[k] = v

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #b25af09bc2c7c16f Environment-variable access.
pkgs/python/[email protected]/gunicorn/arbiter.py:150
        if 'GUNICORN_PID' in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #6b92e17c6327ccb7 Environment-variable access.
pkgs/python/[email protected]/gunicorn/arbiter.py:151
            self.master_pid = int(os.environ.get('GUNICORN_PID'))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #ea620ef1acd15703 Environment-variable access.
pkgs/python/[email protected]/gunicorn/arbiter.py:176
                for fd in os.environ.pop('GUNICORN_FD').split(','):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #e94bbc332dc63916 Environment-variable access.
pkgs/python/[email protected]/gunicorn/arbiter.py:362
            del os.environ['GUNICORN_PID']

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #fb69d6293e29d4ad Environment-variable access.
pkgs/python/[email protected]/gunicorn/arbiter.py:514
                os.environ[k] = self.cfg.env_orig[k]

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #5f16f8ea6f07d3c5 Environment-variable access.
pkgs/python/[email protected]/gunicorn/arbiter.py:518
                    del os.environ[k]

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #a851174755cf7710 Filesystem access.
pkgs/python/[email protected]/gunicorn/arbiter.py:812
            with open(pidfile) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #2c8cf864c102b9ac Environment-variable access.
pkgs/python/[email protected]/gunicorn/arbiter.py:869
            os.environ['GUNICORN_DIRTY_SOCKET'] = socket_path

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #02df0c720838820f Environment-variable access.
pkgs/python/[email protected]/gunicorn/config.py:54
        self.env_orig = os.environ.copy()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #63c771d05a69e0e4 Environment-variable access.
pkgs/python/[email protected]/gunicorn/config.py:231
        if 'SENDFILE' in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #edbe553ab4267343 Environment-variable access.
pkgs/python/[email protected]/gunicorn/config.py:232
            sendfile = os.environ['SENDFILE'].lower()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #9818655940d1b219 Environment-variable access.
pkgs/python/[email protected]/gunicorn/config.py:636
    if 'PORT' in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #9f213c58d8809392 Environment-variable access.
pkgs/python/[email protected]/gunicorn/config.py:637
        default = ['0.0.0.0:{0}'.format(os.environ.get('PORT'))]

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #2460d268071dbc0d Environment-variable access.
pkgs/python/[email protected]/gunicorn/config.py:690
    default = int(os.environ.get("WEB_CONCURRENCY", 1))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #83e6ddd2d041ffcb Environment-variable access.
pkgs/python/[email protected]/gunicorn/config.py:1320
    default = os.environ.get("FORWARDED_ALLOW_IPS", "127.0.0.1,::1")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #cc5d81e6ce4e27ad Environment-variable access.
pkgs/python/[email protected]/gunicorn/config.py:3138
    xdg_runtime = os.environ.get('XDG_RUNTIME_DIR')

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #bcb360a796ee77d7 Environment-variable access.
pkgs/python/[email protected]/gunicorn/ctl/handlers.py:368
            dirty_socket_path = os.environ.get('GUNICORN_DIRTY_SOCKET')

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #80b942c907d97a7d Environment-variable access.
pkgs/python/[email protected]/gunicorn/ctl/handlers.py:530
            dirty_socket_path = os.environ.get('GUNICORN_DIRTY_SOCKET')

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #a9e6e7c4971ac97c Filesystem access.
pkgs/python/[email protected]/gunicorn/dirty/arbiter.py:242
                with open(self.pidfile, 'w') as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #887eed131d447f2c Environment-variable access.
pkgs/python/[email protected]/gunicorn/dirty/arbiter.py:248
        os.environ['GUNICORN_DIRTY_SOCKET'] = self.socket_path

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #1165df6db569605f Environment-variable access.
pkgs/python/[email protected]/gunicorn/dirty/client.py:671
        path = os.environ.get('GUNICORN_DIRTY_SOCKET')

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #9da76d8a13bcc4da Environment-variable access.
pkgs/python/[email protected]/gunicorn/dirty/stash.py:429
        path = os.environ.get('GUNICORN_DIRTY_SOCKET')

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #eb585bfd5a481172 Environment-variable access.
pkgs/python/[email protected]/gunicorn/dirty/worker.py:152
                os.environ[k] = v

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #7d32f89681badf57 Filesystem access.
pkgs/python/[email protected]/gunicorn/glogging.py:205
            self.logfile = open(cfg.errorlog, 'a+')

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #368e347dcf644343 Filesystem access.
pkgs/python/[email protected]/gunicorn/glogging.py:245
                    config_json = json.load(open(cfg.logconfig_json))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #4756b576e1f66743 Filesystem access.
pkgs/python/[email protected]/gunicorn/glogging.py:388
                self.logfile = open(self.cfg.errorlog, 'a+')

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #9ed4730e563acbf8 Environment-variable access.
pkgs/python/[email protected]/gunicorn/http/wsgi.py:196
    script_name = os.environ.get("SCRIPT_NAME", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #52feb4d7d7a6b0e8 Filesystem access.
pkgs/python/[email protected]/gunicorn/pidfile.py:56
            with open(self.fname) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #ac88e2ecb1cdb367 Filesystem access.
pkgs/python/[email protected]/gunicorn/pidfile.py:69
            with open(self.fname) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #8b248425865c2110 Environment-variable access.
pkgs/python/[email protected]/gunicorn/systemd.py:35
    fds = int(os.environ.get('LISTEN_FDS', 0))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #7fad173f32d9a97a Environment-variable access.
pkgs/python/[email protected]/gunicorn/systemd.py:36
    listen_pid = int(os.environ.get('LISTEN_PID', 0))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #8fb90760f54a3e5a Environment-variable access.
pkgs/python/[email protected]/gunicorn/systemd.py:42
        os.environ.pop('LISTEN_PID', None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #18059f40c35df797 Environment-variable access.
pkgs/python/[email protected]/gunicorn/systemd.py:43
        os.environ.pop('LISTEN_FDS', None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #0a5dc05d96c576c2 Environment-variable access.
pkgs/python/[email protected]/gunicorn/systemd.py:60
    addr = os.environ.get('NOTIFY_SOCKET')

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #062cda017947873a Environment-variable access.
pkgs/python/[email protected]/gunicorn/systemd.py:75
            os.environ.pop('NOTIFY_SOCKET')

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #8fe7752d4ffaa711 Environment-variable access.
pkgs/python/[email protected]/gunicorn/util.py:489
        a = os.stat(os.environ['PWD'])

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #9c3abefb785b512b Environment-variable access.
pkgs/python/[email protected]/gunicorn/util.py:492
            cwd = os.environ['PWD']

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #4431fde7c37c80fd Environment-variable access.
pkgs/python/[email protected]/gunicorn/util.py:517
    if 'GUNICORN_FD' not in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #927c2503fd40bc87 Filesystem access.
pkgs/python/[email protected]/gunicorn/util.py:607
        with open(path, 'a') as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #3243bc2bdfd28a84 Environment-variable access.
pkgs/python/[email protected]/gunicorn/workers/base.py:96
                os.environ[k] = v

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

ibm-watsonx-ai

python dependency
expand_more 149 low-confidence finding(s)
low env_fs tooling Excluded from app score unreachable #f34224f95d5c7368 Environment-variable access.
pkgs/python/[email protected]/docs/utils.py:62
    Version.from_tag(os.environ["DOCUMENTATION_MAX_TAG"])

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #a6923d86982599da Environment-variable access.
pkgs/python/[email protected]/docs/utils.py:63
    if "DOCUMENTATION_MAX_TAG" in os.environ

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #d71d82431ae2886d Filesystem access.
pkgs/python/[email protected]/docs/write_redirects.py:51
        source_file_path.write_text(
            REDIRECT_HTML.format(target=target), encoding="utf-8"
        )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #431bf37f4e770721 Environment-variable access.
pkgs/python/[email protected]/ibm_watsonx_ai/_wrappers/httpx/global_httpx_settings.py:24
        match os.environ.get("WX_CLIENT_VERIFY_REQUESTS"):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #d2cbefe64ebccfea Environment-variable access.
pkgs/python/[email protected]/ibm_watsonx_ai/_wrappers/httpx_wrapper.py:316
    elif (env_max_retries := os.environ.get("WATSONX_MAX_RETRIES")) is not None:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #829bb928e1f742b1 Environment-variable access.
pkgs/python/[email protected]/ibm_watsonx_ai/_wrappers/httpx_wrapper.py:328
    elif (env_delay_time := os.environ.get("WATSONX_DELAY_TIME")) is not None:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #1866894afc19728e Environment-variable access.
pkgs/python/[email protected]/ibm_watsonx_ai/_wrappers/httpx_wrapper.py:344
                    os.environ.get("WATSONX_RETRY_STATUS_CODES", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #ebb1b9114956a43e Environment-variable access.
pkgs/python/[email protected]/ibm_watsonx_ai/_wrappers/httpx_wrapper.py:349
            if os.environ.get("WATSONX_RETRY_STATUS_CODES")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #11bbeeb3932a33bb Filesystem access.
pkgs/python/[email protected]/ibm_watsonx_ai/ai_services.py:1428
            filename.write_text(code, encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #0c3ba1aacafa6368 Environment-variable access.
pkgs/python/[email protected]/ibm_watsonx_ai/client.py:410
            os.environ["DEPLOYMENT_PLATFORM"] = "private"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #42efd2548d7aea05 Environment-variable access.
pkgs/python/[email protected]/ibm_watsonx_ai/client.py:473
                os.environ["DEPLOYMENT_PRIVATE"] = "icp4d"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #c8d9d4c651ea254d Filesystem access.
pkgs/python/[email protected]/ibm_watsonx_ai/client.py:879
            return (path / file_name).read_text().strip()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #08311d33c38d2b95 Environment-variable access.
pkgs/python/[email protected]/ibm_watsonx_ai/client.py:967
        if client_headers_env := os.environ.get("IBM_SDK_API_CLIENT_HEADERS"):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #b45cbb258cbafd30 Filesystem access.
pkgs/python/[email protected]/ibm_watsonx_ai/credentials.py:186
            return Path(filename).read_text()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #34f6e9d23e1b74af Environment-variable access.
pkgs/python/[email protected]/ibm_watsonx_ai/credentials.py:207
                f(os.environ[k])

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f63db8e2a28a8f8f Environment-variable access.
pkgs/python/[email protected]/ibm_watsonx_ai/credentials.py:209
                if os.environ.get(k) is not None and os.environ.get(k) != ""

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #a7474355e2adc88a Environment-variable access.
pkgs/python/[email protected]/ibm_watsonx_ai/credentials.py:222
                os.environ[env_key] = str(self.__dict__[property_key])

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #4de2163dfe7520fa Environment-variable access.
pkgs/python/[email protected]/ibm_watsonx_ai/data_loaders/datasets/base_documents.py:330
            get_max_sample_size_limit() if os.getenv("MEM", False) else None

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #7b61d7165d3f1462 Environment-variable access.
pkgs/python/[email protected]/ibm_watsonx_ai/data_loaders/datasets/tabular.py:431
            get_max_sample_size_limit() if os.getenv("MEM", False) else None

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #6c2c5bc2f35cd7a7 Filesystem access.
pkgs/python/[email protected]/ibm_watsonx_ai/deployment/base_deployment.py:719
            with redirect_stdout(open(os.devnull, "w")):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #acaeba4dc3e95036 Filesystem access.
pkgs/python/[email protected]/ibm_watsonx_ai/deployment/base_deployment.py:734
                    with redirect_stdout(open(os.devnull, "w")):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #b870660f49b2d7aa Environment-variable access.
pkgs/python/[email protected]/ibm_watsonx_ai/experiment/autoai/autoai.py:1131
                and environ.get("ENABLE_AUTOAI", "false").lower() == "false"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #980722437691a7db Filesystem access.
pkgs/python/[email protected]/ibm_watsonx_ai/experiment/autoai/optimizers/local_auto_pipelines.py:140
            with redirect_stdout(open(os.devnull, "w")):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #3448c7f1505a8218 Filesystem access.
pkgs/python/[email protected]/ibm_watsonx_ai/experiment/autoai/optimizers/local_auto_pipelines.py:552
            with redirect_stdout(open(os.devnull, "w")):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #383b98cfaf2c22a9 Filesystem access.
pkgs/python/[email protected]/ibm_watsonx_ai/experiment/autoai/optimizers/local_auto_pipelines.py:683
        with redirect_stdout(open(os.devnull, "w")):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #eb1b1087fb3e3a77 Environment-variable access.
pkgs/python/[email protected]/ibm_watsonx_ai/experiment/autoai/optimizers/local_auto_pipelines.py:732
        if "CPU" in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #0438c878ae5650b4 Environment-variable access.
pkgs/python/[email protected]/ibm_watsonx_ai/experiment/autoai/optimizers/local_auto_pipelines.py:735
                    f"train_id: {train_id} --- Using {os.environ.get('CPU', 1)} CPUs"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #717e7a99d2d2508a Environment-variable access.
pkgs/python/[email protected]/ibm_watsonx_ai/experiment/autoai/optimizers/local_auto_pipelines.py:739
                    self.params.get("cpus_available", os.environ.get("CPU", 1))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #c3d75028c81a0d66 Filesystem access.
pkgs/python/[email protected]/ibm_watsonx_ai/experiment/autoai/optimizers/local_auto_pipelines.py:753
        with redirect_stdout(open(os.devnull, "w")):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #5e3e40d00e36aaa3 Filesystem access.
pkgs/python/[email protected]/ibm_watsonx_ai/experiment/autoai/optimizers/remote_auto_pipelines.py:882
            content = json.loads(path.read_text())

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #8db6bce64ee1c15c Environment-variable access.
pkgs/python/[email protected]/ibm_watsonx_ai/foundation_models/embeddings/embeddings.py:644
            "verify": os.environ.get("WML_CLIENT_VERIFY_REQUESTS"),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #81bb193112cb18d5 Filesystem access.
pkgs/python/[email protected]/ibm_watsonx_ai/foundation_models/extensions/rag/pattern/pattern.py:1014
            with open(CONFIG_PATH, "w", encoding="utf-8") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #1c5247e30942768b Filesystem access.
pkgs/python/[email protected]/ibm_watsonx_ai/functions.py:1445
            filename.write_text(file_content, encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #80c7264673d42fdf Environment-variable access.
pkgs/python/[email protected]/ibm_watsonx_ai/helpers/connections/base_data_connection.py:490
                os.environ.get("USER_ACCESS_TOKEN") is None

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #3f849a2faf7e182e Environment-variable access.
pkgs/python/[email protected]/ibm_watsonx_ai/helpers/connections/base_data_connection.py:491
                and os.environ.get("RUNTIME_ENV_ACCESS_TOKEN_FILE") is None

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #325f321db7014da7 Environment-variable access.
pkgs/python/[email protected]/ibm_watsonx_ai/helpers/connections/base_data_connection.py:575
                os.environ.get("USER_ACCESS_TOKEN") is None

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #2a3940c7f6623271 Environment-variable access.
pkgs/python/[email protected]/ibm_watsonx_ai/helpers/connections/base_data_connection.py:576
                and os.environ.get("RUNTIME_ENV_ACCESS_TOKEN_FILE") is None

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #8fb8866c99a16d1b Environment-variable access.
pkgs/python/[email protected]/ibm_watsonx_ai/helpers/connections/base_data_connection.py:760
                os.environ.get("USER_ACCESS_TOKEN") is None

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #8bc01506439deaf5 Environment-variable access.
pkgs/python/[email protected]/ibm_watsonx_ai/helpers/connections/base_data_connection.py:761
                and os.environ.get("RUNTIME_ENV_ACCESS_TOKEN_FILE") is None

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #570b44c956d0ceab Filesystem access.
pkgs/python/[email protected]/ibm_watsonx_ai/helpers/connections/base_data_connection.py:1051
            with open(self.location.path, "rb") as data_buffer:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #480daaf9cfa28a8c Filesystem access.
pkgs/python/[email protected]/ibm_watsonx_ai/helpers/connections/base_data_connection.py:1093
            with open(location_path, "rb") as data_buffer:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #2b323afdc9584de5 Environment-variable access.
pkgs/python/[email protected]/ibm_watsonx_ai/helpers/connections/base_data_connection.py:1137
            if os.environ.get("TRAINING_NFS_PATH"):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #4fec92cabdc4c09e Environment-variable access.
pkgs/python/[email protected]/ibm_watsonx_ai/helpers/connections/base_data_connection.py:1139
                base_path = Path(os.environ.get("TRAINING_NFS_PATH", ".")) / "0"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #84d71fda1f86e97c Filesystem access.
pkgs/python/[email protected]/ibm_watsonx_ai/helpers/connections/base_data_connection.py:1143
                buffer = io.BytesIO(data_path.read_bytes())

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #c42c4ef52a2aa83a Environment-variable access.
pkgs/python/[email protected]/ibm_watsonx_ai/helpers/connections/base_data_connection.py:1724
        if os.environ.get("RUNTIME_ENV_ACCESS_TOKEN_FILE"):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #b4a4a90c0ffd27e9 Filesystem access.
pkgs/python/[email protected]/ibm_watsonx_ai/helpers/connections/base_data_connection.py:1725
            with open(os.environ.get("RUNTIME_ENV_ACCESS_TOKEN_FILE"), "r") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #96a659c12ea746a6 Environment-variable access.
pkgs/python/[email protected]/ibm_watsonx_ai/helpers/connections/base_data_connection.py:1725
            with open(os.environ.get("RUNTIME_ENV_ACCESS_TOKEN_FILE"), "r") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #c46902b28bf3500c Environment-variable access.
pkgs/python/[email protected]/ibm_watsonx_ai/helpers/connections/base_data_connection.py:1728
            token = os.environ.get("USER_ACCESS_TOKEN")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #0af8fec638c65381 Environment-variable access.
pkgs/python/[email protected]/ibm_watsonx_ai/helpers/connections/base_data_connection.py:1763
            elif not os.environ.get("MEM", False):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #52936fb20f174deb Environment-variable access.
pkgs/python/[email protected]/ibm_watsonx_ai/helpers/connections/connections.py:1099
                    or "USER_ACCESS_TOKEN" in os.environ

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #b2befa6695773e43 Environment-variable access.
pkgs/python/[email protected]/ibm_watsonx_ai/helpers/connections/connections.py:1100
                    or "RUNTIME_ENV_ACCESS_TOKEN_FILE" in os.environ

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #b5aeb7dbcb5fbae3 Environment-variable access.
pkgs/python/[email protected]/ibm_watsonx_ai/helpers/connections/connections.py:1415
                        os.environ.get("USER_ACCESS_TOKEN") is None

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #739f8ef7834abf53 Environment-variable access.
pkgs/python/[email protected]/ibm_watsonx_ai/helpers/connections/connections.py:1416
                        and os.environ.get("RUNTIME_ENV_ACCESS_TOKEN_FILE") is None

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #48ea5eb4c6b246a9 Environment-variable access.
pkgs/python/[email protected]/ibm_watsonx_ai/helpers/connections/connections.py:1515
                        os.environ.get("USER_ACCESS_TOKEN") is None

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #5270c52944f63417 Environment-variable access.
pkgs/python/[email protected]/ibm_watsonx_ai/helpers/connections/connections.py:1516
                        and os.environ.get("RUNTIME_ENV_ACCESS_TOKEN_FILE") is None

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #6e0ef354784fdd98 Environment-variable access.
pkgs/python/[email protected]/ibm_watsonx_ai/helpers/connections/connections.py:1644
                or "USER_ACCESS_TOKEN" in os.environ

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #b4229896f5061563 Environment-variable access.
pkgs/python/[email protected]/ibm_watsonx_ai/helpers/connections/connections.py:1645
                or "RUNTIME_ENV_ACCESS_TOKEN_FILE" in os.environ

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #31f0f5f9e5154f93 Environment-variable access.
pkgs/python/[email protected]/ibm_watsonx_ai/helpers/connections/flight_service.py:81
            not os.getenv("FLIGHT_SERVICE_LOCATION")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #084f502cf143747a Environment-variable access.
pkgs/python/[email protected]/ibm_watsonx_ai/helpers/connections/flight_service.py:100
                os.getenv("FLIGHT_SERVICE_LOCATION")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #b97901af2efab47c Environment-variable access.
pkgs/python/[email protected]/ibm_watsonx_ai/helpers/connections/flight_service.py:101
                or os.getenv("ASSET_API_SERVICE_HOST")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #75d7f35d29f874d1 Environment-variable access.
pkgs/python/[email protected]/ibm_watsonx_ai/helpers/connections/flight_service.py:102
                or os.getenv("CATALOG_API_SERVICE_HOST")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #7ce35cf1208b6d35 Environment-variable access.
pkgs/python/[email protected]/ibm_watsonx_ai/helpers/connections/flight_service.py:104
            flight_port = os.getenv("FLIGHT_SERVICE_PORT", "443")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f8631c44d96118eb Environment-variable access.
pkgs/python/[email protected]/ibm_watsonx_ai/helpers/connections/flight_service.py:108
                runtime_flight_service_url = os.getenv("RUNTIME_FLIGHT_SERVICE_URL")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #1ce270440cc338f0 Environment-variable access.
pkgs/python/[email protected]/ibm_watsonx_ai/helpers/connections/flight_service.py:377
        if os.environ.get("TLS_ROOT_CERTS_PATH"):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #c27516c2288c491c Environment-variable access.
pkgs/python/[email protected]/ibm_watsonx_ai/helpers/connections/flight_service.py:378
            self.additional_connection_args["tls_root_certs"] = os.environ.get(

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #c235baa67fda62e6 Environment-variable access.
pkgs/python/[email protected]/ibm_watsonx_ai/helpers/connections/flight_service.py:378
            self.additional_connection_args["tls_root_certs"] = os.environ.get(
                "TLS_ROOT_CERTS_PATH"
            )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #45d393f326940be0 Environment-variable access.
pkgs/python/[email protected]/ibm_watsonx_ai/helpers/connections/flight_sql_service.py:92
        if os.environ.get("TLS_ROOT_CERTS_PATH"):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #5a646995fd083d01 Environment-variable access.
pkgs/python/[email protected]/ibm_watsonx_ai/helpers/connections/flight_sql_service.py:93
            self.additional_connection_args["tls_root_certs"] = os.environ.get(

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #d87097176a37ae33 Environment-variable access.
pkgs/python/[email protected]/ibm_watsonx_ai/helpers/connections/flight_sql_service.py:93
            self.additional_connection_args["tls_root_certs"] = os.environ.get(
                "TLS_ROOT_CERTS_PATH"
            )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #014bbbbede1da059 Filesystem access.
pkgs/python/[email protected]/ibm_watsonx_ai/helpers/helpers.py:87
    with open(script_name, "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #eeef0d8e9333eb86 Environment-variable access.
pkgs/python/[email protected]/ibm_watsonx_ai/href_definitions.py:531
                    os.getenv("WATSONX_USE_PRIVATE_TOKEN_URL", "").lower().strip()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #58bd23583fe47706 Environment-variable access.
pkgs/python/[email protected]/ibm_watsonx_ai/href_definitions.py:547
                    os.getenv("WATSONX_USE_PRIVATE_TOKEN_URL", "").lower().strip()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #64ca87aff48d190c Filesystem access.
pkgs/python/[email protected]/ibm_watsonx_ai/import_assets.py:71
        data = file_path.read_bytes()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #73c8344786c97447 Filesystem access.
repo/TestRepoSaveLoad.py:45
        output_f = open(filepath, 'wb+')

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #c74c2d4681cfdc2e Filesystem access.
repo/TestRepoSaveLoad.py:66
        modelArcFile = open(gz_file_name, "wb")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #ddbf1f20fbf579d1 Environment-variable access.
repo/ml_api_client.py:42
        if 'DEPLOYMENT_PLATFORM' in os.environ and os.environ['DEPLOYMENT_PLATFORM'] == 'private':

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #cfce7ee5f68d004d Environment-variable access.
repo/ml_api_client.py:71
        if 'DEPLOYMENT_PLATFORM' in os.environ and os.environ['DEPLOYMENT_PLATFORM'] == 'private':

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #0e8c3741a07491eb Environment-variable access.
repo/mlrepository/artifact.py:65
                        if 'DEPLOYMENT_PRIVATE' in os.environ and os.environ['DEPLOYMENT_PRIVATE'] == 'icp4d':

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #3b9bca12abeb65ca Environment-variable access.
repo/mlrepository/artifact.py:70
                        if 'DEPLOYMENT_PRIVATE' in os.environ and os.environ['DEPLOYMENT_PRIVATE'] == 'icp4d':

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #4c0368b020da8c20 Filesystem access.
repo/mlrepositoryartifact/function_artifact_loader.py:30
            gz_f = open(file_name, 'wb+')

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #dbacaa66a484351c Filesystem access.
repo/mlrepositoryartifact/function_artifact_reader.py:26
        return open(self.archive_path, 'rb')

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #70e95f4977661e2e Filesystem access.
repo/mlrepositoryartifact/generic_archive_pipeline_model_artifact.py:126
            with open(os.path.join(path, expected_file_name)) as data_file:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #dea2bcce41b228e6 Filesystem access.
repo/mlrepositoryartifact/generic_file_artifact_loader.py:31
            gz_f = open(file_name, 'wb+')

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #7777addd16ecfd74 Filesystem access.
repo/mlrepositoryartifact/generic_file_reader.py:32
        return open(self.archive_path, 'rb')

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #11a5d260d3dfe0d7 Filesystem access.
repo/mlrepositoryartifact/hybrid_artifact_loader.py:47
            gz_f = open(gz_file_name, 'wb+')

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #008cbc2a8c0a045b Filesystem access.
repo/mlrepositoryartifact/hybrid_artifact_loader.py:80
            gz_f = open(output_file_name, 'wb+')

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #99e90987266796d6 Filesystem access.
repo/mlrepositoryartifact/hybrid_pipeline_model_reader.py:56
        return open(self.archive_path, 'rb')

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #a6c4eddb87585078 Filesystem access.
repo/mlrepositoryartifact/libraries_artifact_loader.py:35
            gz_f = open(file_name, 'wb+')

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #ef51e5f799afdfd8 Filesystem access.
repo/mlrepositoryartifact/libraries_artifact_reader.py:26
        return open(self.library, 'rb')

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #6c37f1c3bbddec82 Filesystem access.
repo/mlrepositoryartifact/ml_repository_artifact.py:162
                sys.stderr = open(devnull, 'w')

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #25aa298f949e064b Filesystem access.
repo/mlrepositoryartifact/runtimes_artifact_loader.py:35
            gz_f = open(file_name, 'wb+')

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #91b17dd5a353fb0d Filesystem access.
repo/mlrepositoryartifact/runtimes_artifact_reader.py:26
        return open(self.runtimespec_path, 'rt')

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #dbc29e7f348bc720 Filesystem access.
repo/mlrepositoryartifact/scikit_artifact_loader.py:41
            gz_f = open(gz_file_name, 'wb+')

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #d2bf16330234c6e7 Filesystem access.
repo/mlrepositoryartifact/scikit_pipeline_model_artifact.py:29
        sys.stderr = open(os.devnull, 'w')

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #4e30725200b1e0a4 Filesystem access.
repo/mlrepositoryartifact/scikit_pipeline_reader.py:67
        return open(self.archive_path, 'rb')

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #fc9ab812ee8c93ac Filesystem access.
repo/mlrepositoryartifact/spark_artifact_loader.py:33
            gz_f = open(gz_file_name, 'wb+')

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #a1c837e481e45ae6 Environment-variable access.
repo/mlrepositoryartifact/spark_pipeline_reader.py:20
        self.hummingbird_env = os.getenv('HB_RUNTIME_PROVIDER', "").upper()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #bfe816bbf606d834 Filesystem access.
repo/mlrepositoryartifact/spark_pipeline_reader.py:57
        return open(self.archive_path, 'rb')

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #c20ed67ad9f56aba Filesystem access.
repo/mlrepositoryartifact/tensorflow_artifact_loader.py:32
            gz_f = open(gz_file_name, 'wb+')

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #c2d60d75c0751de3 Filesystem access.
repo/mlrepositoryartifact/tensorflow_pipeline_reader.py:67
        return open(self.archive_path, 'rb')

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f31f8d81c2d74c98 Filesystem access.
repo/mlrepositoryartifact/xgboost_model_reader.py:55
        return open(self.archive_path, 'rb')

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #10c5f72dcf0d3dc7 Environment-variable access.
repo/mlrepositoryclient/ml_repository_api.py:39
        os.environ["DEPLOYMENT_PLATFORM"] = "private"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #2f64850167b3d6c6 Environment-variable access.
repo/mlrepositoryclient/ml_repository_api.py:40
        if 'DEPLOYMENT_PLATFORM' in os.environ and os.environ['DEPLOYMENT_PLATFORM'] == 'private':

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #7486e29b57b84b55 Environment-variable access.
repo/mlrepositoryclient/ml_repository_api.py:73
        if 'DEPLOYMENT_PLATFORM' in os.environ and os.environ['DEPLOYMENT_PLATFORM'] == 'private':

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #98e8a365059049cb Environment-variable access.
repo/mlrepositoryclient/ml_repository_api.py:210
        os.environ["DEPLOYMENT_PLATFORM"] = "private"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #811ae272eecbdc92 Environment-variable access.
repo/mlrepositoryclient/ml_repository_api.py:211
        if 'DEPLOYMENT_PLATFORM' in os.environ and os.environ['DEPLOYMENT_PLATFORM'] == 'private':

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f86765159dcd0f45 Environment-variable access.
repo/mlrepositoryclient/ml_repository_api.py:238
        if 'DEPLOYMENT_PLATFORM' in os.environ and os.environ['DEPLOYMENT_PLATFORM'] == 'private':

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #d03c5c2ca69a3865 Environment-variable access.
repo/mlrepositoryclient/ml_repository_api.py:264
        if 'DEPLOYMENT_PLATFORM' in os.environ and os.environ['DEPLOYMENT_PLATFORM'] == 'private':

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #6c4d842e0e717a7f Environment-variable access.
repo/mlrepositoryclient/model_collection.py:688
                if "DEPLOYMENT_PLATFORM" in os.environ and os.environ["DEPLOYMENT_PLATFORM"] == "private":

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #b99196eb4d534212 Filesystem access.
repo/swagger_client/api_client.py:441
                    with open(n, 'rb') as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f61a5bd2e39afe8c Filesystem access.
repo/swagger_client/api_client.py:532
        with open(path, "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #ed2001465c50ecf1 Environment-variable access.
repo/swagger_client/rest.py:76
        if 'DEPLOYMENT_PLATFORM' in os.environ and os.environ['DEPLOYMENT_PLATFORM'] == 'private':

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #ff3c4ae297913dea Filesystem access.
repo/util/compression_util.py:24
        with open(filepath, 'rb') as f_in, gzip.open(gzip_filepath, 'wb+') as f_out:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #32967f3ec667c6f7 Filesystem access.
repo/util/compression_util.py:31
            output_f = open(filepath, 'wb+')

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #8ef58630228ed300 Filesystem access.
pkgs/python/[email protected]/ibm_watsonx_ai/messages/messages.py:22
        messages = json.loads((path / file_name).read_text())

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #16af07e1894042c2 Filesystem access.
pkgs/python/[email protected]/ibm_watsonx_ai/models.py:1032
            with open("request.json", "r", encoding="utf-8") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #7ceb26e128161bd7 Filesystem access.
pkgs/python/[email protected]/ibm_watsonx_ai/models.py:1199
                with open("request.json", "r", encoding="utf-8") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #34eb5bbcb1f0904e Filesystem access.
pkgs/python/[email protected]/ibm_watsonx_ai/models.py:1351
            with open(t1, "rb") as f2:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #0ac225991c62f885 Filesystem access.
pkgs/python/[email protected]/ibm_watsonx_ai/models.py:1370
            with open(t1, "rb") as f2:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #c503695160616e47 Filesystem access.
pkgs/python/[email protected]/ibm_watsonx_ai/models.py:1390
                with open(t2, "rb") as f1:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #edf86f5e9eb6b031 Filesystem access.
pkgs/python/[email protected]/ibm_watsonx_ai/models.py:1503
            with open(t1, "rb") as f2:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #0231acf27c9428c4 Filesystem access.
pkgs/python/[email protected]/ibm_watsonx_ai/models.py:2342
                json.loads(model.read_bytes())

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #53d930ad732930c0 Filesystem access.
pkgs/python/[email protected]/ibm_watsonx_ai/models.py:2489
                json.loads(model.read_bytes())

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #28bdd2ce2a3d0860 Environment-variable access.
pkgs/python/[email protected]/ibm_watsonx_ai/utils/autoai/connection.py:193
    size_mem = int(findall(r"[0-9]+", environ.get("MEM", "32"))[0])

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f691018c96c69a14 Filesystem access.
pkgs/python/[email protected]/ibm_watsonx_ai/utils/autoai/utils.py:373
            with redirect_stdout(open(os.devnull, "w")):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #2855ff8479759ef4 Filesystem access.
pkgs/python/[email protected]/ibm_watsonx_ai/utils/autoai/utils.py:387
                with open(local_model_path + ".onnx", "wb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #600518766304bda5 Filesystem access.
pkgs/python/[email protected]/ibm_watsonx_ai/utils/autoai/utils.py:499
                with redirect_stdout(open(os.devnull, "w")):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #57fe6068c5c50992 Filesystem access.
pkgs/python/[email protected]/ibm_watsonx_ai/utils/autoai/utils.py:1087
        with open("request.json", "r") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #630e87aaf6a73ff9 Filesystem access.
pkgs/python/[email protected]/ibm_watsonx_ai/utils/autoai/utils.py:1091
            with open(
                "request.json", "r", encoding=auto_pipelines_parameters.get("encoding")
            ) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #6996de745e42d582 Filesystem access.
pkgs/python/[email protected]/ibm_watsonx_ai/utils/autoai/utils.py:1105
            with open("request.json", "r") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #a207f0437ed84601 Filesystem access.
pkgs/python/[email protected]/ibm_watsonx_ai/utils/autoai/utils.py:1109
                with open(
                    "request.json",
                    "r",
                    encoding=auto_pipelines_parameters.get("encoding"),
                ) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #57ffc2f23ce5dde2 Filesystem access.
pkgs/python/[email protected]/ibm_watsonx_ai/utils/autoai/utils.py:1350
        with open(pipeline_definition_name, "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #0ee57e10e9fc433a Filesystem access.
pkgs/python/[email protected]/ibm_watsonx_ai/utils/autoai/utils.py:1369
        with open("schema.json", "r") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #db1e96d1de5d1c5d Filesystem access.
pkgs/python/[email protected]/ibm_watsonx_ai/utils/autoai/utils.py:1475
        with open(pipeline_definition_name, "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #0865001aef17f761 Filesystem access.
pkgs/python/[email protected]/ibm_watsonx_ai/utils/autoai/utils.py:1494
        with open("schema.json", "r") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #01648a4cb5e3801a Filesystem access.
pkgs/python/[email protected]/ibm_watsonx_ai/utils/autoai/utils.py:1539
    with open(data_location, "r") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #74b3b70673c76972 Filesystem access.
pkgs/python/[email protected]/ibm_watsonx_ai/utils/autoai/utils.py:1546
    with open(data_location, "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #995108983c650a14 Filesystem access.
pkgs/python/[email protected]/ibm_watsonx_ai/utils/autoai/utils.py:2115
        with open(tmp_file, "wb") as out:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #0fddb5b88de806c1 Filesystem access.
pkgs/python/[email protected]/ibm_watsonx_ai/utils/autoai/utils.py:3170
            with open("request.json", "r") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #5eda0c68a37fdb48 Filesystem access.
pkgs/python/[email protected]/ibm_watsonx_ai/utils/autoai/utils.py:3174
                with open(
                    "request.json",
                    "r",
                    encoding=auto_pipelines_parameters.get("encoding"),
                ) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #8a7e75333fa78f07 Filesystem access.
pkgs/python/[email protected]/ibm_watsonx_ai/utils/autoai/utils.py:3189
                with open("request.json", "r") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #fd975fca02ab9f9a Filesystem access.
pkgs/python/[email protected]/ibm_watsonx_ai/utils/autoai/utils.py:3193
                    with open(
                        "request.json",
                        "r",
                        encoding=auto_pipelines_parameters.get("encoding"),
                    ) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #df52b1a1e87330ae Filesystem access.
pkgs/python/[email protected]/ibm_watsonx_ai/utils/autoai/utils.py:3286
            with open("request.json", "r") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #243577335d764b7a Filesystem access.
pkgs/python/[email protected]/ibm_watsonx_ai/utils/autoai/utils.py:3290
                with open(
                    "request.json",
                    "r",
                    encoding=auto_pipelines_parameters.get("encoding"),
                ) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #761798ad1dee5970 Filesystem access.
pkgs/python/[email protected]/ibm_watsonx_ai/utils/autoai/utils.py:3305
                with open("request.json", "r") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f33d7a40f962b1fe Filesystem access.
pkgs/python/[email protected]/ibm_watsonx_ai/utils/autoai/utils.py:3309
                    with open(
                        "request.json",
                        "r",
                        encoding=auto_pipelines_parameters.get("encoding"),
                    ) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #123e8538e9a74637 Filesystem access.
pkgs/python/[email protected]/ibm_watsonx_ai/utils/utils.py:555
    f = open(filename, "wb")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #e22802da0ad4c889 Filesystem access.
pkgs/python/[email protected]/ibm_watsonx_ai/utils/utils.py:694
        b_model = file_path.read_bytes()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #50b5e05150e465e2 Environment-variable access.
pkgs/python/[email protected]/ibm_watsonx_ai/utils/utils.py:1305
        if os.environ.get(gov_env_var_name) != "True":

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

jq

python dependency
expand_more 3 low-confidence finding(s)
low env_fs dependency Excluded from app score #ef1782096badbb5a Filesystem access.
pkgs/python/[email protected]/setup.py:27
    return open(os.path.join(os.path.dirname(__file__), fname)).read()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #89b1e66a5fa93b5a Environment-variable access.
pkgs/python/[email protected]/setup.py:80
            os.environ['MACOSX_DEPLOYMENT_TARGET'] = str(macosx_deployment_target)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #ee3010320cba3d2b Environment-variable access.
pkgs/python/[email protected]/setup.py:101
use_system_libs = bool(os.environ.get("JQPY_USE_SYSTEM_LIBS"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

jsonquerylang

python dependency
expand_more 1 low-confidence finding(s)
low env_fs dependency Excluded from app score #8ad1ea582e0b462b Filesystem access.
pkgs/python/[email protected]/setup.py:7
with open(path.join(HERE, "README.md"), encoding="utf-8") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

langchain

python dependency
expand_more 4 low-confidence finding(s)
low env_fs dependency Excluded from app score #392688b704c474bc Environment-variable access.
pkgs/python/[email protected]/langchain/agents/middleware/_execution.py:322
        host_env = os.environ.copy()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #ec33ccd63fc6e64f Filesystem access.
pkgs/python/[email protected]/langchain/agents/middleware/file_search.py:387
                    content = file_path.read_text()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #791e1e61bdc3976b Filesystem access.
pkgs/python/[email protected]/scripts/check_version.py:15
    content = pyproject_path.read_text(encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #7084634e71b0fa64 Filesystem access.
pkgs/python/[email protected]/scripts/check_version.py:22
    content = init_path.read_text(encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

langchain-anthropic

python dependency
expand_more 10 low-confidence finding(s)
low env_fs dependency Excluded from app score #12492d05a83e3b10 Environment-variable access.
pkgs/python/[email protected]/langchain_anthropic/_client_utils.py:55
        or os.environ.get("ANTHROPIC_BASE_URL")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #55dc4656ffe7ce2c Environment-variable access.
pkgs/python/[email protected]/langchain_anthropic/_client_utils.py:74
        or os.environ.get("ANTHROPIC_BASE_URL")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f96de33a3c992dfe Filesystem access.
pkgs/python/[email protected]/langchain_anthropic/middleware/anthropic_tools.py:900
            content = full_path.read_text()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #5d810203e5bea836 Filesystem access.
pkgs/python/[email protected]/langchain_anthropic/middleware/anthropic_tools.py:936
        full_path.write_text(file_text + "\n")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #e847fc2c32eee33f Filesystem access.
pkgs/python/[email protected]/langchain_anthropic/middleware/anthropic_tools.py:963
        content = full_path.read_text()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #e1b2a7087d8f848d Filesystem access.
pkgs/python/[email protected]/langchain_anthropic/middleware/anthropic_tools.py:973
        full_path.write_text(new_content)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #5d165fbde85b870e Filesystem access.
pkgs/python/[email protected]/langchain_anthropic/middleware/anthropic_tools.py:1000
        content = full_path.read_text()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #e43b38b92131da91 Filesystem access.
pkgs/python/[email protected]/langchain_anthropic/middleware/anthropic_tools.py:1018
        full_path.write_text(new_content)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #f0077285929520c5 Filesystem access.
pkgs/python/[email protected]/scripts/check_version.py:15
    content = pyproject_path.read_text(encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #1981dc218266c457 Filesystem access.
pkgs/python/[email protected]/scripts/check_version.py:22
    content = version_path.read_text(encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

langchain-astradb

python dependency
expand_more 3 low-confidence finding(s)
low env_fs dependency Excluded from app score #bec70261f34ca44b Environment-variable access.
pkgs/python/[email protected]/langchain_astradb/utils/astradb.py:236
            self.token = StaticTokenProvider(os.getenv(TOKEN_ENV_VAR))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #478b935b1e8f3c0a Environment-variable access.
pkgs/python/[email protected]/langchain_astradb/utils/astradb.py:247
            self.api_endpoint = os.getenv(API_ENDPOINT_ENV_VAR)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #dad282d67f1d1a74 Environment-variable access.
pkgs/python/[email protected]/langchain_astradb/utils/astradb.py:256
            env_var_keyspace = os.getenv(KEYSPACE_ENV_VAR, "").strip()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

langchain-core

python dependency
expand_more 22 low-confidence finding(s)
low env_fs dependency Excluded from app score #7220418bffe9e981 Environment-variable access.
pkgs/python/[email protected]/langchain_core/_security/_policy.py:238
    if os.environ.get("LANGCHAIN_ENV", "").startswith("local"):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #9d61fdd6e378285c Environment-variable access.
pkgs/python/[email protected]/langchain_core/_security/_ssrf_protection.py:70
        os.environ.get("LANGCHAIN_ENV") == "local_test"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #a340ffd1b0f43ba2 Filesystem access.
pkgs/python/[email protected]/langchain_core/documents/base.py:168
            return Path(self.path).read_text(encoding=self.encoding)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #c526f9053fb5c8a8 Filesystem access.
pkgs/python/[email protected]/langchain_core/documents/base.py:190
            return Path(self.path).read_bytes()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #da2d6bcdad8d15e6 Environment-variable access.
pkgs/python/[email protected]/langchain_core/load/load.py:481
            if self.secrets_from_env and key in os.environ and os.environ[key]:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #002dac044161b996 Environment-variable access.
pkgs/python/[email protected]/langchain_core/load/load.py:482
                return os.environ[key]

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #473a55da8802c523 Filesystem access.
pkgs/python/[email protected]/langchain_core/prompts/chat.py:553
        template = Path(template_file).read_text(encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #ae72b2b7aa6e118a Filesystem access.
pkgs/python/[email protected]/langchain_core/prompts/loading.py:105
            template = resolved_path.read_text(encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #df31ccf8d44154f3 Filesystem access.
pkgs/python/[email protected]/langchain_core/prompts/prompt.py:253
        template = Path(template_file).read_text(encoding=encoding)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #a081fc5b517ca9ba Environment-variable access.
pkgs/python/[email protected]/langchain_core/utils/env.py:18
    return env_var in os.environ and os.environ[env_var] not in {

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #6992c060acc49317 Environment-variable access.
pkgs/python/[email protected]/langchain_core/utils/env.py:77
    if env_value := os.getenv(env_key):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #d0e4979cf5da0065 Environment-variable access.
pkgs/python/[email protected]/langchain_core/utils/utils.py:405
                if k in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #3325e16cbf6bb685 Environment-variable access.
pkgs/python/[email protected]/langchain_core/utils/utils.py:406
                    return os.environ[k]

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #9ae499c4c463761f Environment-variable access.
pkgs/python/[email protected]/langchain_core/utils/utils.py:407
        if isinstance(key, str) and key in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f018427c82c9dc3a Environment-variable access.
pkgs/python/[email protected]/langchain_core/utils/utils.py:408
            return os.environ[key]

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #22f0330a6cc7c509 Environment-variable access.
pkgs/python/[email protected]/langchain_core/utils/utils.py:475
                if k in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #d451c1b37343d993 Environment-variable access.
pkgs/python/[email protected]/langchain_core/utils/utils.py:476
                    return SecretStr(os.environ[k])

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #22c543ff865d51c7 Environment-variable access.
pkgs/python/[email protected]/langchain_core/utils/utils.py:477
        if isinstance(key, str) and key in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #14acff8f14776f5b Environment-variable access.
pkgs/python/[email protected]/langchain_core/utils/utils.py:478
            return SecretStr(os.environ[key])

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #bb2b035569873264 Filesystem access.
pkgs/python/[email protected]/scripts/check_version.py:21
    content = pyproject_path.read_text(encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #b6709d9f751e6e92 Filesystem access.
pkgs/python/[email protected]/scripts/check_version.py:28
    content = version_path.read_text(encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #a2c29b9c1d3fd71e Filesystem access.
pkgs/python/[email protected]/scripts/check_version.py:41
        content = snapshot_path.read_text(encoding="utf-8", errors="replace")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

langchain-experimental

python dependency
expand_more 7 low-confidence finding(s)
low env_fs dependency Excluded from app score #eb6d46e2a3f68715 Filesystem access.
pkgs/python/[email protected]/langchain_experimental/data_anonymizer/presidio.py:438
            with open(save_path, "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #b167468ae9626a24 Filesystem access.
pkgs/python/[email protected]/langchain_experimental/data_anonymizer/presidio.py:441
            with open(save_path, "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #ebf1616320aee8c5 Filesystem access.
pkgs/python/[email protected]/langchain_experimental/data_anonymizer/presidio.py:462
            with open(load_path, "r") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #bbfbda07e0299d33 Filesystem access.
pkgs/python/[email protected]/langchain_experimental/data_anonymizer/presidio.py:465
            with open(load_path, "r") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #87be045c041728aa Filesystem access.
pkgs/python/[email protected]/langchain_experimental/rl_chain/model_repository.py:43
        with open(self.model_path, "wb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #9b4e197386ea0118 Filesystem access.
pkgs/python/[email protected]/langchain_experimental/rl_chain/model_repository.py:60
            with open(self.model_path, "rb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #02d866f6b52c688d Filesystem access.
pkgs/python/[email protected]/langchain_experimental/rl_chain/vw_logger.py:16
            with open(self.path, "a") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

langchain-google-calendar-tools

python dependency
expand_more 1 low-confidence finding(s)
low env_fs dependency Excluded from app score #f68609bfc6b49922 Filesystem access.
pkgs/python/[email protected]/src/langchain_google_calendar_tools/utils.py:100
        with open(token_file, "w") as token:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

langchain-google-community

python dependency
expand_more 22 low-confidence finding(s)
low env_fs tooling Excluded from app score unreachable #1b61aa32010a00ed Environment-variable access.
pkgs/python/[email protected]/examples/bigquery_callback/async_example.py:41
PROJECT_ID = os.environ.get("GCP_PROJECT_ID", "test-project-0728-467323")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #87e99ea52111e4f7 Environment-variable access.
pkgs/python/[email protected]/examples/bigquery_callback/async_example.py:42
DATASET_ID = os.environ.get("BQ_DATASET_ID", "agent_analytics")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #c87c44d8cd23a556 Environment-variable access.
pkgs/python/[email protected]/examples/bigquery_callback/basic_example.py:30
PROJECT_ID = os.environ.get("GCP_PROJECT_ID", "test-project-0728-467323")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #622785d5005b6003 Environment-variable access.
pkgs/python/[email protected]/examples/bigquery_callback/basic_example.py:31
DATASET_ID = os.environ.get("BQ_DATASET_ID", "agent_analytics")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #8e5ccba4980fe7e9 Environment-variable access.
pkgs/python/[email protected]/examples/bigquery_callback/event_filtering_example.py:33
PROJECT_ID = os.environ.get("GCP_PROJECT_ID", "test-project-0728-467323")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #82945fb166c2f71d Environment-variable access.
pkgs/python/[email protected]/examples/bigquery_callback/event_filtering_example.py:34
DATASET_ID = os.environ.get("BQ_DATASET_ID", "agent_analytics")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #aca601f8b785c561 Environment-variable access.
pkgs/python/[email protected]/examples/bigquery_callback/langgraph_agent_example.py:45
PROJECT_ID = os.environ.get("GCP_PROJECT_ID", "test-project-0728-467323")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #86e5707a8f92904d Environment-variable access.
pkgs/python/[email protected]/examples/bigquery_callback/langgraph_agent_example.py:46
DATASET_ID = os.environ.get("BQ_DATASET_ID", "agent_analytics")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #8781193dfbd6c69c Environment-variable access.
pkgs/python/[email protected]/examples/bigquery_callback/populate_sample_data.py:39
PROJECT_ID = os.environ.get("GCP_PROJECT_ID", "test-project-0728-467323")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #30df2d9d60afaa09 Environment-variable access.
pkgs/python/[email protected]/examples/bigquery_callback/populate_sample_data.py:40
DATASET_ID = os.environ.get("BQ_DATASET_ID", "agent_analytics")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #9be13f99f6f19089 Environment-variable access.
pkgs/python/[email protected]/examples/bigquery_callback/webapp/main.py:37
PROJECT_ID = os.environ.get("GCP_PROJECT_ID", "test-project-0728-467323")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #725b1d2de72537df Environment-variable access.
pkgs/python/[email protected]/examples/bigquery_callback/webapp/main.py:38
DATASET_ID = os.environ.get("BQ_DATASET_ID", "agent_analytics")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #c5ffbc451dff91bb Environment-variable access.
pkgs/python/[email protected]/examples/bigquery_callback/webapp/main.py:39
TABLE_ID = os.environ.get("BQ_TABLE_ID", "agent_events")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #a19e7cf86fa34b8f Environment-variable access.
pkgs/python/[email protected]/langchain_google_community/_utils.py:39
    if os.environ.get(_TELEMETRY_ENV_VARIABLE_NAME):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #35e2bd8fa4f2c856 Filesystem access.
pkgs/python/[email protected]/langchain_google_community/_utils.py:149
            with open(token_file, "w") as token:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #ff3325b25f0b6b42 Environment-variable access.
pkgs/python/[email protected]/langchain_google_community/drive.py:347
            elif "GOOGLE_APPLICATION_CREDENTIALS" not in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #5aa51cb7cd7b0792 Filesystem access.
pkgs/python/[email protected]/langchain_google_community/drive.py:360
            with open(self.token_path, "w") as token:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress dependency Excluded from app score #21433020d8711ae5 Hardcoded external endpoint. Review what data is sent to this destination.
pkgs/python/[email protected]/langchain_google_community/geocoding.py:296
                    response = requests.get(
                        GOOGLE_MAPS_API_URL, params=params, timeout=self.timeout
                    )

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs dependency Excluded from app score #39f3516540d8bfc7 Environment-variable access.
pkgs/python/[email protected]/langchain_google_community/geocoding.py:439
            google_api_key=SecretStr(os.getenv("GOOGLE_MAPS_API_KEY", ""))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #1238754fd5599da4 Filesystem access.
pkgs/python/[email protected]/langchain_google_community/google_speech_to_text.py:129
            with open(self.file_path, "rb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #45c1c0ea1681202f Environment-variable access.
pkgs/python/[email protected]/langchain_google_community/model_armor/base_runnable.py:92
            elif os.getenv("GOOGLE_CLOUD_PROJECT"):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #c4f91192781e6239 Environment-variable access.
pkgs/python/[email protected]/langchain_google_community/model_armor/base_runnable.py:93
                self.project = os.getenv("GOOGLE_CLOUD_PROJECT")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

langchain-google-genai

python dependency
expand_more 11 low-confidence finding(s)
low env_fs dependency Excluded from app score #dd37b77fb30308da Environment-variable access.
pkgs/python/[email protected]/langchain_google_genai/_common.py:582
            env_var = os.getenv("GOOGLE_GENAI_USE_VERTEXAI", "").lower()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #c83690af75f0c772 Environment-variable access.
pkgs/python/[email protected]/langchain_google_genai/_common.py:634
    if os.environ.get(_TELEMETRY_ENV_VARIABLE_NAME):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #ea4e0aab8da30e16 Environment-variable access.
pkgs/python/[email protected]/langchain_google_genai/chat_models.py:2610
                and not os.getenv("GOOGLE_API_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #b3efeef35cf1cb9b Environment-variable access.
pkgs/python/[email protected]/langchain_google_genai/chat_models.py:2611
                and not os.getenv("GEMINI_API_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #d3f1604ac1266923 Environment-variable access.
pkgs/python/[email protected]/langchain_google_genai/chat_models.py:2614
                os.environ["GOOGLE_API_KEY"] = google_api_key

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #d7e5c1e677951f16 Environment-variable access.
pkgs/python/[email protected]/langchain_google_genai/chat_models.py:2628
                    os.environ.pop("GOOGLE_API_KEY", None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #fc11abc67a214324 Environment-variable access.
pkgs/python/[email protected]/langchain_google_genai/embeddings.py:229
            env_var = os.getenv("GOOGLE_GENAI_USE_VERTEXAI", "").lower()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #ba0569acd6333269 Environment-variable access.
pkgs/python/[email protected]/langchain_google_genai/embeddings.py:280
                and not os.getenv("GOOGLE_API_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #d57944a2085095d7 Environment-variable access.
pkgs/python/[email protected]/langchain_google_genai/embeddings.py:281
                and not os.getenv("GEMINI_API_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #0449b93aee5918b9 Environment-variable access.
pkgs/python/[email protected]/langchain_google_genai/embeddings.py:284
                os.environ["GOOGLE_API_KEY"] = google_api_key

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #d63ae743ed81e2f1 Environment-variable access.
pkgs/python/[email protected]/langchain_google_genai/embeddings.py:298
                    os.environ.pop("GOOGLE_API_KEY", None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

langchain-google-vertexai

python dependency
expand_more 1 low-confidence finding(s)
low env_fs dependency Excluded from app score #5eb2fbd7a81e8711 Environment-variable access.
pkgs/python/[email protected]/langchain_google_vertexai/_utils.py:102
    if os.environ.get(_TELEMETRY_ENV_VARIABLE_NAME):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

langchain-ibm

python dependency
expand_more 1 low-confidence finding(s)
low env_fs dependency Excluded from app score #2c9a76f186edf6db Environment-variable access.
pkgs/python/[email protected]/langchain_ibm/utils.py:211
        present = [(n, os.getenv(n)) for n in names_priority]

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

langchain-nvidia-ai-endpoints

python dependency
expand_more 6 low-confidence finding(s)
low env_fs dependency Excluded from app score #6e354e17ed704baf Environment-variable access.
pkgs/python/[email protected]/langchain_nvidia_ai_endpoints/_common.py:63
        default_factory=lambda: os.getenv(
            _BASE_URL_VAR, "https://integrate.api.nvidia.com/v1"
        ),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #bcc1acf8e0357c47 Environment-variable access.
pkgs/python/[email protected]/langchain_nvidia_ai_endpoints/_common.py:96
            os.getenv(_API_KEY_VAR, "INTERNAL_LCNVAIE_ERROR")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #36c72556d55f8060 Environment-variable access.
pkgs/python/[email protected]/langchain_nvidia_ai_endpoints/_common.py:98
        if _API_KEY_VAR in os.environ

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #976d984e682bd67b Environment-variable access.
pkgs/python/[email protected]/langchain_nvidia_ai_endpoints/_common.py:174
            skip_api_version_check = os.environ.get(

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #9dc8716dbda864cd Environment-variable access.
pkgs/python/[email protected]/langchain_nvidia_ai_endpoints/_common.py:174
            skip_api_version_check = os.environ.get(
                "NVIDIA_APPEND_API_VERSION", ""
            ) in ["false", "False", "0"]

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #8e28da27a9551443 Environment-variable access.
pkgs/python/[email protected]/langchain_nvidia_ai_endpoints/_statics.py:1247
if "_INCLUDE_OPENAI" in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

langchain-openai

python dependency
expand_more 19 low-confidence finding(s)
low env_fs dependency Excluded from app score #397683dbc09562d8 Environment-variable access.
pkgs/python/[email protected]/langchain_openai/chat_models/_client_utils.py:61
    raw = os.environ.get(name)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #0c6113bcd5f1104d Environment-variable access.
pkgs/python/[email protected]/langchain_openai/chat_models/_client_utils.py:92
    raw = os.environ.get(name)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #03611ff8abc9b6c5 Environment-variable access.
pkgs/python/[email protected]/langchain_openai/chat_models/_client_utils.py:179
    if os.environ.get("LANGCHAIN_OPENAI_TCP_KEEPALIVE", "1") == "0":

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #1d01ead03025579e Environment-variable access.
pkgs/python/[email protected]/langchain_openai/chat_models/_client_utils.py:224
    if any(os.environ.get(name) for name in _PROXY_ENV_VARS):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f0bf0b50b8b4653e Environment-variable access.
pkgs/python/[email protected]/langchain_openai/chat_models/_client_utils.py:259
    if os.environ.get("LANGCHAIN_OPENAI_TCP_KEEPALIVE", "1") == "0":

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #97d40014fc4537fd Environment-variable access.
pkgs/python/[email protected]/langchain_openai/chat_models/_client_utils.py:280
    active = [name for name in _PROXY_ENV_VARS if os.environ.get(name)]

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #8242ab8a27965036 Environment-variable access.
pkgs/python/[email protected]/langchain_openai/chat_models/_client_utils.py:315
    active = [name for name in _PROXY_ENV_VARS if os.environ.get(name)]

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #d53b80ec238fef2f Environment-variable access.
pkgs/python/[email protected]/langchain_openai/chat_models/_client_utils.py:394
        or os.environ.get("OPENAI_BASE_URL")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #04c509d8e26dab5e Environment-variable access.
pkgs/python/[email protected]/langchain_openai/chat_models/_client_utils.py:415
        or os.environ.get("OPENAI_BASE_URL")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #778d3961ba76e811 Environment-variable access.
pkgs/python/[email protected]/langchain_openai/chat_models/azure.py:619
            or os.getenv("OPENAI_ORG_ID")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #822c6b38e1500f82 Environment-variable access.
pkgs/python/[email protected]/langchain_openai/chat_models/azure.py:620
            or os.getenv("OPENAI_ORGANIZATION")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #84f34c2e4e668401 Environment-variable access.
pkgs/python/[email protected]/langchain_openai/chat_models/base.py:1212
            or os.getenv("OPENAI_ORG_ID")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #492c360a3c1f0829 Environment-variable access.
pkgs/python/[email protected]/langchain_openai/chat_models/base.py:1213
            or os.getenv("OPENAI_ORGANIZATION")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #035dc57745047c27 Environment-variable access.
pkgs/python/[email protected]/langchain_openai/chat_models/base.py:1215
        self.openai_api_base = self.openai_api_base or os.getenv("OPENAI_API_BASE")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #2b2111d0d4a6f83f Environment-variable access.
pkgs/python/[email protected]/langchain_openai/chat_models/base.py:1234
            and "OPENAI_BASE_URL" not in os.environ

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #624030c4a5c6c10b Environment-variable access.
pkgs/python/[email protected]/langchain_openai/chat_models/codex.py:81
    return os.environ.get(ORIGINATOR_ENV_VAR) or ORIGINATOR_VALUE

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #d9b6502b53866e23 Filesystem access.
pkgs/python/[email protected]/langchain_openai/chatgpt_oauth.py:503
            raw_text = self.path.read_text(encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #28918bd8ec635dd5 Filesystem access.
pkgs/python/[email protected]/scripts/check_version.py:15
    content = pyproject_path.read_text(encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #e55983d948606d7d Filesystem access.
pkgs/python/[email protected]/scripts/check_version.py:22
    content = version_path.read_text(encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

langchain-perplexity

python dependency
expand_more 2 low-confidence finding(s)
low env_fs dependency Excluded from app score #6c779e176e11eac5 Environment-variable access.
pkgs/python/[email protected]/langchain_perplexity/_utils.py:12
        or os.environ.get("PPLX_API_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #852ccb21e66a8b5e Environment-variable access.
pkgs/python/[email protected]/langchain_perplexity/_utils.py:13
        or os.environ.get("PERPLEXITY_API_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

langchain-pinecone

python dependency
expand_more 6 low-confidence finding(s)
low env_fs dependency Excluded from app score #2187b3e4fc1301b7 Environment-variable access.
pkgs/python/[email protected]/langchain_pinecone/_utilities.py:282
    base_url = os.getenv("PINECONE_BASE_URL", "https://api.pinecone.io")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #d3eea510005c7f6f Environment-variable access.
pkgs/python/[email protected]/langchain_pinecone/vectorstores.py:221
        _index_host = host or os.environ.get("PINECONE_HOST")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #cbc0d753acf8242d Environment-variable access.
pkgs/python/[email protected]/langchain_pinecone/vectorstores.py:237
            _pinecone_api_key_str = pinecone_api_key or os.environ.get(

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #dd89ae5a91714f24 Environment-variable access.
pkgs/python/[email protected]/langchain_pinecone/vectorstores.py:237
            _pinecone_api_key_str = pinecone_api_key or os.environ.get(
                "PINECONE_API_KEY"
            )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #36fa55f658c6a408 Environment-variable access.
pkgs/python/[email protected]/langchain_pinecone/vectorstores.py:249
            _index_name = index_name or os.environ.get("PINECONE_INDEX_NAME") or ""

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #97bdca8514043ac3 Environment-variable access.
pkgs/python/[email protected]/langchain_pinecone/vectorstores.py:899
        _pinecone_api_key_str = pinecone_api_key or os.environ.get("PINECONE_API_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

langchain-qdrant

python dependency
expand_more 1 low-confidence finding(s)
low env_fs dependency Excluded from app score #ada67fc11b7b3601 Environment-variable access.
pkgs/python/[email protected]/langchain_qdrant/vectorstores.py:2293
            api_key = os.getenv("QDRANT_API_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

langchainhub

python dependency
expand_more 4 low-confidence finding(s)
low env_fs dependency Excluded from app score #0088501d8a3e4cb4 Environment-variable access.
pkgs/python/[email protected]/langchainhub/client.py:48
        or os.getenv("LANGCHAIN_HUB_API_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #d964f48d4f84fff2 Environment-variable access.
pkgs/python/[email protected]/langchainhub/client.py:49
        or os.getenv("LANGCHAIN_API_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #aa2b66e5ceec8760 Environment-variable access.
pkgs/python/[email protected]/langchainhub/client.py:50
        or os.getenv("LANGSMITH_API_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #9e7e17c968607bac Environment-variable access.
pkgs/python/[email protected]/langchainhub/client.py:62
        else os.getenv(
            "LANGCHAIN_HUB_API_URL",
            default_api_url,
        )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

langgraph-checkpoint

python dependency
expand_more 4 low-confidence finding(s)
low env_fs dependency Excluded from app score #c751eebe883dcaf9 Filesystem access.
pkgs/python/[email protected]/langgraph/checkpoint/memory/__init__.py:662
        fileobj = open(tempname, "wb" if self.format == "pickle" else "w")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #736df79c77b334d0 Filesystem access.
pkgs/python/[email protected]/langgraph/checkpoint/memory/__init__.py:694
        with open(self.filename, "rb" if self.format == "pickle" else "r") as fileobj:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #790e023ad005d55c Environment-variable access.
pkgs/python/[email protected]/langgraph/checkpoint/serde/_msgpack.py:12
STRICT_MSGPACK_ENABLED = os.getenv("LANGGRAPH_STRICT_MSGPACK", "false").lower() in (

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #c05633c4430faadf Environment-variable access.
pkgs/python/[email protected]/langgraph/checkpoint/serde/encrypted.py:54
            key_str = os.getenv("LANGGRAPH_AES_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

loguru

python dependency
expand_more 9 low-confidence finding(s)
low env_fs dependency Excluded from app score #ade2c27139102b88 Environment-variable access.
pkgs/python/[email protected]/loguru/_colorama.py:25
        if "CI" in os.environ and any(

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #5d4260a98ec9fec8 Environment-variable access.
pkgs/python/[email protected]/loguru/_colorama.py:26
            ci in os.environ

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #e2702910df1c3403 Environment-variable access.
pkgs/python/[email protected]/loguru/_colorama.py:30
        if "PYCHARM_HOSTED" in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #946b4abe143e1c25 Environment-variable access.
pkgs/python/[email protected]/loguru/_colorama.py:32
        if os.name == "nt" and "TERM" in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #9cc1a38db3fb862c Environment-variable access.
pkgs/python/[email protected]/loguru/_defaults.py:5
    if key not in environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #5c976b430abac55f Environment-variable access.
pkgs/python/[email protected]/loguru/_defaults.py:8
    val = environ[key]

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #d124c25c88dc2ef0 Filesystem access.
pkgs/python/[email protected]/loguru/_file_sink.py:53
        with open(path_in, "rb") as f_in:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f45ecce9577bffac Filesystem access.
pkgs/python/[email protected]/loguru/_file_sink.py:226
        self._file = open(path, **self._kwargs)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #64b6a1499c8eda74 Filesystem access.
pkgs/python/[email protected]/loguru/_logger.py:1868
                with open(str(file)) as fileobj:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

multiprocess

python dependency
expand_more 63 low-confidence finding(s)
low env_fs dependency Excluded from app score #1e9e4ba759b07c4f Filesystem access.
pkgs/python/[email protected]/py3.10/multiprocess/popen_forkserver.py:57
        with open(w, 'wb', closefd=True) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #95befea12d0c29aa Filesystem access.
pkgs/python/[email protected]/py3.10/multiprocess/popen_spawn_posix.py:61
            with open(parent_w, 'wb', closefd=False) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #13773ad5218d7379 Environment-variable access.
pkgs/python/[email protected]/py3.10/multiprocess/popen_spawn_win32.py:65
            env = os.environ.copy()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #65418ae471fc6fb9 Filesystem access.
pkgs/python/[email protected]/py3.10/multiprocess/popen_spawn_win32.py:70
        with open(wfd, 'wb', closefd=True) as to_child:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #00ebfc5fe1385bcb Filesystem access.
pkgs/python/[email protected]/py3.10/multiprocess/resource_tracker.py:199
        with open(fd, 'rb') as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #272dbbefa1586969 Filesystem access.
pkgs/python/[email protected]/py3.10/multiprocess/util.py:422
            sys.stdin = open(fd, encoding="utf-8", closefd=False)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #af525181673e4db9 Filesystem access.
pkgs/python/[email protected]/py3.11/multiprocess/popen_forkserver.py:57
        with open(w, 'wb', closefd=True) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #8ecc6f5ea35edb05 Filesystem access.
pkgs/python/[email protected]/py3.11/multiprocess/popen_spawn_posix.py:61
            with open(parent_w, 'wb', closefd=False) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #7ccba62e5701d22e Environment-variable access.
pkgs/python/[email protected]/py3.11/multiprocess/popen_spawn_win32.py:65
            env = os.environ.copy()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #0ad19db9ada5ec4f Filesystem access.
pkgs/python/[email protected]/py3.11/multiprocess/popen_spawn_win32.py:72
        with open(wfd, 'wb', closefd=True) as to_child:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f20163ed9be94ec0 Filesystem access.
pkgs/python/[email protected]/py3.11/multiprocess/resource_tracker.py:229
        with open(fd, 'rb') as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #73a226b681158749 Filesystem access.
pkgs/python/[email protected]/py3.11/multiprocess/util.py:425
            sys.stdin = open(fd, encoding="utf-8", closefd=False)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #d98213f2541128a4 Filesystem access.
pkgs/python/[email protected]/py3.12/multiprocess/popen_forkserver.py:57
        with open(w, 'wb', closefd=True) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #2fe5783ad4af29d6 Filesystem access.
pkgs/python/[email protected]/py3.12/multiprocess/popen_spawn_posix.py:61
            with open(parent_w, 'wb', closefd=False) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #cdbe5a29e84af1d4 Environment-variable access.
pkgs/python/[email protected]/py3.12/multiprocess/popen_spawn_win32.py:65
            env = os.environ.copy()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #d73e4fcc7065fd2e Filesystem access.
pkgs/python/[email protected]/py3.12/multiprocess/popen_spawn_win32.py:72
        with open(wfd, 'wb', closefd=True) as to_child:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #a89867ed64dc1d8c Filesystem access.
pkgs/python/[email protected]/py3.12/multiprocess/resource_tracker.py:255
        with open(fd, 'rb') as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #5180b18da6032895 Filesystem access.
pkgs/python/[email protected]/py3.12/multiprocess/util.py:425
            sys.stdin = open(fd, encoding="utf-8", closefd=False)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #e83733bba9f3f500 Filesystem access.
pkgs/python/[email protected]/py3.13/multiprocess/popen_forkserver.py:57
        with open(w, 'wb', closefd=True) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #2b0c3296324eac6f Filesystem access.
pkgs/python/[email protected]/py3.13/multiprocess/popen_spawn_posix.py:65
            with open(parent_w, 'wb', closefd=False) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #21480e8143ee6d0f Environment-variable access.
pkgs/python/[email protected]/py3.13/multiprocess/popen_spawn_win32.py:66
            env = os.environ.copy()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #b139622aba5f7e61 Filesystem access.
pkgs/python/[email protected]/py3.13/multiprocess/popen_spawn_win32.py:73
        with open(wfd, 'wb', closefd=True) as to_child:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #9fd5d99f14280ad0 Filesystem access.
pkgs/python/[email protected]/py3.13/multiprocess/resource_tracker.py:368
        with open(fd, 'rb') as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #24d343a94623c3d5 Filesystem access.
pkgs/python/[email protected]/py3.13/multiprocess/util.py:493
            sys.stdin = open(fd, encoding="utf-8", closefd=False)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #be56be8d91fe3543 Filesystem access.
pkgs/python/[email protected]/py3.14/multiprocess/popen_forkserver.py:57
        with open(w, 'wb', closefd=True) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #2282eac732f33b2e Filesystem access.
pkgs/python/[email protected]/py3.14/multiprocess/popen_spawn_posix.py:65
            with open(parent_w, 'wb', closefd=False) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #dd2bac813298753e Environment-variable access.
pkgs/python/[email protected]/py3.14/multiprocess/popen_spawn_win32.py:66
            env = os.environ.copy()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #2c7fce5306477a30 Filesystem access.
pkgs/python/[email protected]/py3.14/multiprocess/popen_spawn_win32.py:73
        with open(wfd, 'wb', closefd=True) as to_child:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #b5eb1cc50f7ba732 Filesystem access.
pkgs/python/[email protected]/py3.14/multiprocess/resource_tracker.py:364
        with open(fd, 'rb') as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #69cca13c22c88103 Filesystem access.
pkgs/python/[email protected]/py3.14/multiprocess/util.py:493
            sys.stdin = open(fd, encoding="utf-8", closefd=False)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #981e5dda1495e8c9 Filesystem access.
pkgs/python/[email protected]/py3.15/multiprocess/popen_forkserver.py:57
        with open(w, 'wb', closefd=True) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #d36cda27b03c1faf Filesystem access.
pkgs/python/[email protected]/py3.15/multiprocess/popen_spawn_posix.py:65
            with open(parent_w, 'wb', closefd=False) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #76fd52b31da5cad0 Environment-variable access.
pkgs/python/[email protected]/py3.15/multiprocess/popen_spawn_win32.py:66
            env = os.environ.copy()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #b1c5067fd7d655f6 Filesystem access.
pkgs/python/[email protected]/py3.15/multiprocess/popen_spawn_win32.py:73
        with open(wfd, 'wb', closefd=True) as to_child:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #6f68a705f39bae30 Filesystem access.
pkgs/python/[email protected]/py3.15/multiprocess/resource_tracker.py:364
        with open(fd, 'rb') as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #25cc1b44e3406fd6 Filesystem access.
pkgs/python/[email protected]/py3.15/multiprocess/util.py:493
            sys.stdin = open(fd, encoding="utf-8", closefd=False)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #eb9cd1ac455b86b0 Filesystem access.
pkgs/python/[email protected]/py3.9/multiprocess/popen_forkserver.py:57
        with open(w, 'wb', closefd=True) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #96e70e7dc96ed31f Filesystem access.
pkgs/python/[email protected]/py3.9/multiprocess/popen_spawn_posix.py:61
            with open(parent_w, 'wb', closefd=False) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #8841cf3ea61cce4b Environment-variable access.
pkgs/python/[email protected]/py3.9/multiprocess/popen_spawn_win32.py:65
            env = os.environ.copy()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #0b5e2e6382f2f752 Filesystem access.
pkgs/python/[email protected]/py3.9/multiprocess/popen_spawn_win32.py:70
        with open(wfd, 'wb', closefd=True) as to_child:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #502f9d8c8873f0f7 Filesystem access.
pkgs/python/[email protected]/py3.9/multiprocess/resource_tracker.py:191
        with open(fd, 'rb') as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #2b390452eda93641 Filesystem access.
pkgs/python/[email protected]/py3.9/multiprocess/util.py:422
            sys.stdin = open(fd, closefd=False)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #2ded6596c54e1ebd Filesystem access.
pkgs/python/[email protected]/pypy3.10/multiprocess/popen_forkserver.py:57
        with open(w, 'wb', closefd=True) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #2ab775d361fc88e3 Filesystem access.
pkgs/python/[email protected]/pypy3.10/multiprocess/popen_spawn_posix.py:61
            with open(parent_w, 'wb', closefd=False) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #fd1085b65b2af99d Environment-variable access.
pkgs/python/[email protected]/pypy3.10/multiprocess/popen_spawn_win32.py:67
            env = os.environ.copy()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #26147f8463dd13fa Filesystem access.
pkgs/python/[email protected]/pypy3.10/multiprocess/popen_spawn_win32.py:72
        with open(wfd, 'wb', closefd=True) as to_child:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #c4d9975e3e9294eb Filesystem access.
pkgs/python/[email protected]/pypy3.10/multiprocess/resource_tracker.py:199
        with open(fd, 'rb') as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #4fc8dab366c7bfae Filesystem access.
pkgs/python/[email protected]/pypy3.10/multiprocess/util.py:422
            sys.stdin = open(fd, encoding="utf-8", closefd=False)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #c0b7df81009f8a1d Filesystem access.
pkgs/python/[email protected]/pypy3.11/multiprocess/popen_forkserver.py:57
        with open(w, 'wb', closefd=True) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #a7689ec81c123dc7 Filesystem access.
pkgs/python/[email protected]/pypy3.11/multiprocess/popen_spawn_posix.py:61
            with open(parent_w, 'wb', closefd=False) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #1b6b4f3cc8dbc73c Environment-variable access.
pkgs/python/[email protected]/pypy3.11/multiprocess/popen_spawn_win32.py:67
            env = os.environ.copy()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #5b4110a8d80dae4c Filesystem access.
pkgs/python/[email protected]/pypy3.11/multiprocess/popen_spawn_win32.py:74
        with open(wfd, 'wb', closefd=True) as to_child:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #e6ac4ef0f99f6d56 Filesystem access.
pkgs/python/[email protected]/pypy3.11/multiprocess/resource_tracker.py:229
        with open(fd, 'rb') as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #2e0ccb3ffa8b8df2 Filesystem access.
pkgs/python/[email protected]/pypy3.11/multiprocess/util.py:425
            sys.stdin = open(fd, encoding="utf-8", closefd=False)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #a1e230fef459be73 Filesystem access.
pkgs/python/[email protected]/pypy3.9/multiprocess/popen_forkserver.py:57
        with open(w, 'wb', closefd=True) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #beb2ef7e32af3dcf Filesystem access.
pkgs/python/[email protected]/pypy3.9/multiprocess/popen_spawn_posix.py:61
            with open(parent_w, 'wb', closefd=False) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #076dfdce2f9b0468 Environment-variable access.
pkgs/python/[email protected]/pypy3.9/multiprocess/popen_spawn_win32.py:67
            env = os.environ.copy()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #7cb8745db2491a35 Filesystem access.
pkgs/python/[email protected]/pypy3.9/multiprocess/popen_spawn_win32.py:72
        with open(wfd, 'wb', closefd=True) as to_child:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #4bab96c28b1aeb7d Filesystem access.
pkgs/python/[email protected]/pypy3.9/multiprocess/resource_tracker.py:191
        with open(fd, 'rb') as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #006ba430a283319f Filesystem access.
pkgs/python/[email protected]/pypy3.9/multiprocess/util.py:422
            sys.stdin = open(fd, closefd=False)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f65bc8640ca68ac3 Filesystem access.
pkgs/python/[email protected]/version.py:16
        LICENSE = open(filepath).read()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #bdd3d4fb7fae611c Filesystem access.
pkgs/python/[email protected]/version.py:25
        fh = open(filepath)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #2ae52a3b62a60630 Filesystem access.
pkgs/python/[email protected]/version.py:79
    with open(infofile, 'w') as fh:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

nanoid

python dependency
expand_more 1 low-confidence finding(s)
low env_fs dependency Excluded from app score #b48fe84d93a481db Filesystem access.
pkgs/python/[email protected]/setup.py:3
with open("README.md", "r") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

networkx

python dependency
expand_more 16 low-confidence finding(s)
low env_fs dependency Excluded from app score #6e640a45ece874c4 Environment-variable access.
pkgs/python/[email protected]/doc/conf.py:96
os.environ["_NETWORKX_BUILDING_DOCS_"] = "True"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #e38a6360bce4d1dc Filesystem access.
pkgs/python/[email protected]/examples/external/javascript_force.py:27
json.dump(d, open("force/force.json", "w"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress tooling reachable #9bf0ce344c078f84 Hardcoded external endpoint. Review what data is sent to this destination.
pkgs/python/[email protected]/examples/graph/plot_football.py:24
sock = urllib.request.urlopen(url)  # open URL

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs tooling Excluded from app score unreachable #948e9d4ec433e82f Filesystem access.
pkgs/python/[email protected]/examples/graphviz_layout/plot_lanl_routes.py:22
        fh = open("lanl_routes.edgelist")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #5cbc63a3ca17007f Filesystem access.
pkgs/python/[email protected]/examples/subclass/plot_printgraph.py:28
            self.fh = open(file, "w")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #263417d2c0ed4610 Environment-variable access.
pkgs/python/[email protected]/networkx/conftest.py:47
        backend = os.environ.get("NETWORKX_TEST_BACKEND")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #8f2b86f1f32f20c7 Environment-variable access.
pkgs/python/[email protected]/networkx/conftest.py:71
            fallback_to_nx = os.environ.get("NETWORKX_FALLBACK_TO_NX")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #ed62119374e5bd79 Environment-variable access.
pkgs/python/[email protected]/networkx/lazy_imports.py:75
    if os.environ.get("EAGER_IMPORT", ""):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #180f286b408e761a Environment-variable access.
pkgs/python/[email protected]/networkx/utils/backends.py:153
            os.environ.get("NETWORKX_CACHE_CONVERTED_GRAPHS", True)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #846d7e7663fdbe71 Environment-variable access.
pkgs/python/[email protected]/networkx/utils/backends.py:155
        fallback_to_nx=bool(os.environ.get("NETWORKX_FALLBACK_TO_NX", False)),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #34a51c77357bb709 Environment-variable access.
pkgs/python/[email protected]/networkx/utils/backends.py:157
            _comma_sep_to_list(os.environ.get("NETWORKX_WARNINGS_TO_IGNORE", ""))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #b0820e455620ddac Environment-variable access.
pkgs/python/[email protected]/networkx/utils/backends.py:167
        for key, val in os.environ.items()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #684d9769295fd0d3 Environment-variable access.
pkgs/python/[email protected]/networkx/utils/backends.py:175
            os.environ.get(

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #8d2dd114decdc1e0 Environment-variable access.
pkgs/python/[email protected]/networkx/utils/backends.py:175
            os.environ.get(
                "NETWORKX_BACKEND_PRIORITY",
                os.environ.get("NETWORKX_AUTOMATIC_BACKENDS", ""),
            )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #e01afaa6062f5e3a Environment-variable access.
pkgs/python/[email protected]/networkx/utils/backends.py:177
                os.environ.get("NETWORKX_AUTOMATIC_BACKENDS", ""),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #18431921ba7e4c3d Environment-variable access.
pkgs/python/[email protected]/networkx/utils/backends.py:2152
if os.environ.get("_NETWORKX_BUILDING_DOCS_"):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

nv-ingest-api

python dependency
expand_more 43 low-confidence finding(s)
low env_fs dependency Excluded from app score #ec2b92fd07889e19 Filesystem access.
pkgs/python/[email protected]/src/nv_ingest_api/interface/utility.py:42
    with open(file_path, "rb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #b48096ed2dba33b8 Environment-variable access.
pkgs/python/[email protected]/src/nv_ingest_api/internal/extract/image/chart_extractor.py:49
        os.getenv("RETRIEVER_NEMOTRON_OCR_MODEL_DIR", "").strip()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #da821151f5003958 Environment-variable access.
pkgs/python/[email protected]/src/nv_ingest_api/internal/extract/image/chart_extractor.py:50
        or os.getenv("NEMOTRON_OCR_MODEL_DIR", "").strip()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #889915ad64d829ed Environment-variable access.
pkgs/python/[email protected]/src/nv_ingest_api/internal/extract/image/chart_extractor.py:51
        or os.getenv("NEMOTRON_OCR_V1_MODEL_DIR", "").strip()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #8a09b489853875bd Environment-variable access.
pkgs/python/[email protected]/src/nv_ingest_api/internal/extract/image/infographic_extractor.py:196
        os.getenv("RETRIEVER_NEMOTRON_OCR_MODEL_DIR", "").strip()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #cfafbba7a74f70e7 Environment-variable access.
pkgs/python/[email protected]/src/nv_ingest_api/internal/extract/image/infographic_extractor.py:197
        or os.getenv("NEMOTRON_OCR_MODEL_DIR", "").strip()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #d4b4f8df1df61813 Environment-variable access.
pkgs/python/[email protected]/src/nv_ingest_api/internal/extract/image/infographic_extractor.py:198
        or os.getenv("NEMOTRON_OCR_V1_MODEL_DIR", "").strip()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #ed1019a5b36a8c79 Environment-variable access.
pkgs/python/[email protected]/src/nv_ingest_api/internal/extract/image/table_extractor.py:56
    if os.getenv("NV_INGEST_DUMP_OCR_INPUT_IMAGES", "").strip().lower() not in {"1", "true", "yes", "on"}:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #a36b6ce69f52b03b Environment-variable access.
pkgs/python/[email protected]/src/nv_ingest_api/internal/extract/image/table_extractor.py:59
    out_dir = os.getenv("NV_INGEST_DUMP_OCR_INPUT_IMAGES_DIR", "").strip()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #49b67dc9b63fc2bb Environment-variable access.
pkgs/python/[email protected]/src/nv_ingest_api/internal/extract/image/table_extractor.py:60
    prefix = os.getenv("NV_INGEST_DUMP_OCR_INPUT_IMAGES_PREFIX", "").strip() or "input"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #7075353013430fc0 Environment-variable access.
pkgs/python/[email protected]/src/nv_ingest_api/internal/extract/image/table_extractor.py:370
        os.getenv("RETRIEVER_NEMOTRON_OCR_MODEL_DIR", "").strip()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #137ddd8aec286bd9 Environment-variable access.
pkgs/python/[email protected]/src/nv_ingest_api/internal/extract/image/table_extractor.py:371
        or os.getenv("NEMOTRON_OCR_MODEL_DIR", "").strip()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #3dc989bdb76286af Environment-variable access.
pkgs/python/[email protected]/src/nv_ingest_api/internal/extract/image/table_extractor.py:372
        or os.getenv("NEMOTRON_OCR_V1_MODEL_DIR", "").strip()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress dependency Excluded from app score #638d9d1d56fbb09c Hardcoded external endpoint. Review what data is sent to this destination.
pkgs/python/[email protected]/src/nv_ingest_api/internal/extract/pdf/engines/tika.py:94
    response = requests.put(TIKA_URL, headers=headers, data=pdf_stream, timeout=timeout)

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs dependency Excluded from app score #fafff4e3e7118185 Filesystem access.
pkgs/python/[email protected]/src/nv_ingest_api/internal/extract/pptx/engines/pptx_helper.py:902
        with open(input_path, "wb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #687669085aed9c31 Filesystem access.
pkgs/python/[email protected]/src/nv_ingest_api/internal/extract/pptx/engines/pptx_helper.py:931
            with open(pdf_path, "rb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #785d06f7b70818bd Environment-variable access.
pkgs/python/[email protected]/src/nv_ingest_api/internal/primitives/nim/model_interface/ocr.py:763
    ocr_model_name = os.getenv("OCR_MODEL_NAME", None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #1b94f658b55ae57c Environment-variable access.
pkgs/python/[email protected]/src/nv_ingest_api/internal/primitives/nim/model_interface/yolox.py:44
YOLOX_PAGE_IMAGE_FORMAT = os.getenv("YOLOX_PAGE_IMAGE_FORMAT", "PNG")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #0c4817d30b19c351 Environment-variable access.
pkgs/python/[email protected]/src/nv_ingest_api/internal/schemas/store/store_image_schema.py:28
_DEFAULT_STORAGE_URI = os.environ.get("IMAGE_STORAGE_URI", "s3://nv-ingest/artifacts/store/images")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #92d57ef1345a2a50 Environment-variable access.
pkgs/python/[email protected]/src/nv_ingest_api/internal/store/embed_text_upload.py:23
_DEFAULT_ENDPOINT = os.environ.get("MINIO_INTERNAL_ADDRESS", "minio:9000")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #1d37879a092ff98a Environment-variable access.
pkgs/python/[email protected]/src/nv_ingest_api/internal/store/embed_text_upload.py:24
_DEFAULT_BUCKET_NAME = os.environ.get("MINIO_BUCKET", "nv-ingest")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #9487c4f0503f9c3e Environment-variable access.
pkgs/python/[email protected]/src/nv_ingest_api/internal/transform/split_text.py:184
    model_predownload_path = os.environ.get("MODEL_PREDOWNLOAD_PATH")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #371d4621f2ef7e95 Filesystem access.
pkgs/python/[email protected]/src/nv_ingest_api/util/dataloader/dataloader.py:281
                with open(file, "rb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #4ebb692770626bb5 Filesystem access.
pkgs/python/[email protected]/src/nv_ingest_api/util/dataloader/dataloader.py:390
                with open(file_path, "rb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #4a2e52c208e1f22e Filesystem access.
pkgs/python/[email protected]/src/nv_ingest_api/util/image_processing/transforms.py:786
        with open(output_path, "wb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #af6363f18a6c713c Environment-variable access.
pkgs/python/[email protected]/src/nv_ingest_api/util/multi_processing/mp_pool_singleton.py:79
                max_worker_limit: int = int(os.environ.get("MAX_INGEST_PROCESS_WORKERS", -1))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #1261594413652d08 Environment-variable access.
pkgs/python/[email protected]/src/nv_ingest_api/util/string_processing/configuration.py:130
        arrow_memory_pool_env = os.environ.get("ARROW_DEFAULT_MEMORY_POOL")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #e61e4d3806fc94bf Environment-variable access.
pkgs/python/[email protected]/src/nv_ingest_api/util/string_processing/configuration.py:211
            value = os.environ.get(var, "not set")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f511c836aff3f2ef Environment-variable access.
pkgs/python/[email protected]/src/nv_ingest_api/util/string_processing/configuration.py:224
            value = os.environ.get(var)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #390df021970353f7 Environment-variable access.
pkgs/python/[email protected]/src/nv_ingest_api/util/string_processing/yaml.py:45
    value = os.environ.get(var_name)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #de2c60d71d3ff169 Environment-variable access.
pkgs/python/[email protected]/src/nv_ingest_api/util/string_processing/yaml.py:88
        return os.environ.get(var, None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #d9382193ebb7e1e0 Filesystem access.
pkgs/python/[email protected]/src/nv_ingest_api/util/system/hardware_info.py:100
                with open(path, "r") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #812e3d30cd219b54 Filesystem access.
pkgs/python/[email protected]/src/nv_ingest_api/util/system/hardware_info.py:113
                with open(path, "r") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f3d1f469ef7ec4db Filesystem access.
pkgs/python/[email protected]/src/nv_ingest_api/util/system/hardware_info.py:341
                with open("/proc/meminfo", "r") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #fa8c5006ccb6276c Environment-variable access.
pkgs/python/[email protected]/src/udfs/llm_summarizer_udf.py:59
    api_key = os.getenv("NVIDIA_API_KEY") or os.getenv("NGC_API_KEY")  # Using NGC_API_KEY if NVIDIA_API_KEY is not set

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #0d18ed424b6b4598 Environment-variable access.
pkgs/python/[email protected]/src/udfs/llm_summarizer_udf.py:60
    model_name = os.getenv("LLM_SUMMARIZATION_MODEL", "nvidia/nemotron-mini-4b-instruct")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #9c120f118f318e45 Environment-variable access.
pkgs/python/[email protected]/src/udfs/llm_summarizer_udf.py:61
    base_url = os.getenv("LLM_SUMMARIZATION_BASE_URL", "https://integrate.api.nvidia.com/v1")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #452e22345bc0e9c1 Environment-variable access.
pkgs/python/[email protected]/src/udfs/llm_summarizer_udf.py:62
    min_content_length = int(os.getenv("LLM_MIN_CONTENT_LENGTH", 50))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #e922139d13fa23d8 Environment-variable access.
pkgs/python/[email protected]/src/udfs/llm_summarizer_udf.py:63
    max_content_length = int(os.getenv("LLM_MAX_CONTENT_LENGTH", 12000))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #78e7f6e5a7e54863 Environment-variable access.
pkgs/python/[email protected]/src/udfs/llm_summarizer_udf.py:64
    timeout = int(os.getenv("LLM_SUMMARIZATION_TIMEOUT", 60))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #e7ae6f696d55ba8f Environment-variable access.
pkgs/python/[email protected]/src/version.py:11
    release_type = os.getenv("NV_INGEST_RELEASE_TYPE", "dev")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #4551bc40554c89bc Environment-variable access.
pkgs/python/[email protected]/src/version.py:12
    version = os.getenv("NV_INGEST_VERSION")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #b0e45f3c39a47dc3 Environment-variable access.
pkgs/python/[email protected]/src/version.py:13
    rev = os.getenv("NV_INGEST_REV", "0")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

nv-ingest-client

python dependency
expand_more 42 low-confidence finding(s)
low env_fs dependency Excluded from app score #b1186b0f5dd5753b Filesystem access.
pkgs/python/[email protected]/src/nv_ingest_client/cli/util/click.py:485
        with open(dataset_json, "r") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #552b453bc6677a0f Environment-variable access.
pkgs/python/[email protected]/src/nv_ingest_client/client/client.py:750
        self._telemetry_enabled: bool = bool(int(os.getenv("NV_INGEST_CLIENT_TELEMETRY", "1")))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #17b36be25f2060e4 Environment-variable access.
pkgs/python/[email protected]/src/nv_ingest_client/client/client.py:752
            self._telemetry_max_calls: int = int(os.getenv("NV_INGEST_CLIENT_TELEMETRY_MAX_CALLS", "10000"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #df727b25bb6ba339 Environment-variable access.
pkgs/python/[email protected]/src/nv_ingest_client/client/client.py:1282
                batch_size = int(os.getenv("NV_INGEST_CLIENT_BATCH_SIZE", "16"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #6535653f457b3405 Filesystem access.
pkgs/python/[email protected]/src/nv_ingest_client/client/ingest_job_handler.py:302
            with open(os.path.join(doc_type_path, output_name), "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #11ea1877799e4eb3 Filesystem access.
pkgs/python/[email protected]/src/nv_ingest_client/client/interface.py:421
                    with open(local_path, "wb") as local_file:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #41be6c66e9e11263 Environment-variable access.
pkgs/python/[email protected]/src/nv_ingest_client/client/interface.py:650
                show_telemetry = bool(int(os.getenv("NV_INGEST_CLIENT_SHOW_TELEMETRY", "0")))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #3da54ab157fed1c3 Environment-variable access.
pkgs/python/[email protected]/src/nv_ingest_client/client/interface.py:1445
        output_directory = output_directory or os.getenv("NV_INGEST_CLIENT_SAVE_TO_DISK_OUTPUT_DIRECTORY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #10492497be6367ba Filesystem access.
pkgs/python/[email protected]/src/nv_ingest_client/nv_ingest_cli.py:265
            with open(dataset, "rb") as file:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #84e55f0ea3ddc829 Filesystem access.
pkgs/python/[email protected]/src/nv_ingest_client/primitives/jobs/job_spec.py:321
        with open(dataset, "rb") as file:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #2c4c53050f14e3b8 Environment-variable access.
pkgs/python/[email protected]/src/nv_ingest_client/primitives/tasks/extract.py:24
UNSTRUCTURED_API_KEY = os.environ.get("UNSTRUCTURED_API_KEY", None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #35d7533742b44f6b Environment-variable access.
pkgs/python/[email protected]/src/nv_ingest_client/primitives/tasks/extract.py:25
UNSTRUCTURED_URL = os.environ.get("UNSTRUCTURED_URL", "https://api.unstructured.io/general/v0/general")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #16e6d9f9ffd47bf3 Environment-variable access.
pkgs/python/[email protected]/src/nv_ingest_client/primitives/tasks/extract.py:26
UNSTRUCTURED_STRATEGY = os.environ.get("UNSTRUCTURED_STRATEGY", "auto")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #4b9fd11eb5ad0ae8 Environment-variable access.
pkgs/python/[email protected]/src/nv_ingest_client/primitives/tasks/extract.py:27
UNSTRUCTURED_CONCURRENCY_LEVEL = os.environ.get("UNSTRUCTURED_CONCURRENCY_LEVEL", 10)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #c4a0deea33fcc0ae Environment-variable access.
pkgs/python/[email protected]/src/nv_ingest_client/primitives/tasks/extract.py:29
ADOBE_CLIENT_ID = os.environ.get("ADOBE_CLIENT_ID", None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #e4a0de3a9651ab2e Environment-variable access.
pkgs/python/[email protected]/src/nv_ingest_client/primitives/tasks/extract.py:30
ADOBE_CLIENT_SECRET = os.environ.get("ADOBE_CLIENT_SECRET", None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #985a93ea540c43e6 Environment-variable access.
pkgs/python/[email protected]/src/nv_ingest_client/primitives/tasks/extract.py:248
                "unstructured_api_key": os.environ.get("UNSTRUCTURED_API_KEY", UNSTRUCTURED_API_KEY),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #ff6e259c7821ac5d Environment-variable access.
pkgs/python/[email protected]/src/nv_ingest_client/primitives/tasks/extract.py:249
                "unstructured_url": os.environ.get("UNSTRUCTURED_URL", UNSTRUCTURED_URL),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #6fd83a7ca6e220f5 Environment-variable access.
pkgs/python/[email protected]/src/nv_ingest_client/primitives/tasks/extract.py:250
                "unstructured_strategy": os.environ.get("UNSTRUCTURED_STRATEGY", UNSTRUCTURED_STRATEGY),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #874bee4dc7084b14 Environment-variable access.
pkgs/python/[email protected]/src/nv_ingest_client/primitives/tasks/extract.py:251
                "unstructured_concurrency_level": os.environ.get(

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #4b56c7f162436063 Environment-variable access.
pkgs/python/[email protected]/src/nv_ingest_client/primitives/tasks/extract.py:251
                "unstructured_concurrency_level": os.environ.get(
                    "UNSTRUCTURED_CONCURRENCY_LEVEL", UNSTRUCTURED_CONCURRENCY_LEVEL
                ),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #0b10da289e9a492d Environment-variable access.
pkgs/python/[email protected]/src/nv_ingest_client/primitives/tasks/extract.py:258
                "adobe_client_id": os.environ.get("ADOBE_CLIENT_ID", ADOBE_CLIENT_ID),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #bcec132712baf828 Environment-variable access.
pkgs/python/[email protected]/src/nv_ingest_client/primitives/tasks/extract.py:259
                "adobe_client_secrect": os.environ.get("ADOBE_CLIENT_SECRET", ADOBE_CLIENT_SECRET),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #c59db09fba7f0561 Filesystem access.
pkgs/python/[email protected]/src/nv_ingest_client/primitives/tasks/udf.py:89
        with open(file_path, "r", encoding="utf-8") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #27ea29d5214ad27d Filesystem access.
pkgs/python/[email protected]/src/nv_ingest_client/util/file_processing/extract.py:129
    with open(path, "rb") as file:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #b004ccfbe9af01ed Filesystem access.
pkgs/python/[email protected]/src/nv_ingest_client/util/process_json_files.py:87
            with open(json_file, "r") as file:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #0f40c6e51672c1a4 Filesystem access.
pkgs/python/[email protected]/src/nv_ingest_client/util/process_json_files.py:99
            with open(output_file, "w+") as file:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #c4a11d44fe650cc6 Environment-variable access.
pkgs/python/[email protected]/src/nv_ingest_client/util/util.py:32
        self.embedding_nim_endpoint: str = os.getenv("EMBEDDING_NIM_ENDPOINT", "https://integrate.api.nvidia.com/v1")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #d5f02f3a78c4c918 Environment-variable access.
pkgs/python/[email protected]/src/nv_ingest_client/util/util.py:33
        self.embedding_nim_model_name: str = os.getenv("EMBEDDING_NIM_MODEL_NAME", "nvidia/llama-nemotron-embed-1b-v2")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #00abcff1a6858415 Environment-variable access.
pkgs/python/[email protected]/src/nv_ingest_client/util/util.py:34
        self.nvidia_api_key: str = os.getenv("NVIDIA_API_KEY", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #de8cc2d2e21c70a0 Environment-variable access.
pkgs/python/[email protected]/src/nv_ingest_client/util/util.py:35
        self.nv_ranker_nim_endpoint: str = os.getenv(
            "RERANKER_NIM_ENDPOINT",
            "https://ai.api.nvidia.com/v1/retrieval/nvidia/llama-3_2-nv-rerankqa-1b-v2/reranking",
        )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #fe3961d6c1d1a1d8 Environment-variable access.
pkgs/python/[email protected]/src/nv_ingest_client/util/util.py:39
        self.nv_ranker_nim_model_name: str = os.getenv("RERANKER_NIM_MODEL_NAME", "nvidia/llama-nemotron-rerank-1b-v2")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #95cd45d7160a5c5c Environment-variable access.
pkgs/python/[email protected]/src/nv_ingest_client/util/util.py:40
        self.minio_bucket_name: str = os.getenv("MINIO_BUCKET", "nv-ingest")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #60fb78fd9229e630 Environment-variable access.
pkgs/python/[email protected]/src/nv_ingest_client/util/vdb/lancedb.py:59
    timing_path = os.getenv("NV_INGEST_LANCEDB_TIMING_PATH")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f537c3d7625c4b08 Filesystem access.
pkgs/python/[email protected]/src/nv_ingest_client/util/vdb/lancedb.py:70
    with open(timing_path, "a") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #67d05d46e184ff0e Filesystem access.
pkgs/python/[email protected]/src/nv_ingest_client/util/vdb/milvus.py:1662
            with open(file_name, "w") as outfile:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #efc65ba14b9425b7 Filesystem access.
pkgs/python/[email protected]/src/nv_ingest_client/util/vdb/milvus.py:1800
            with open(results_file, "r") as infile:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #17595253556cdef6 Filesystem access.
pkgs/python/[email protected]/src/nv_ingest_client/util/zipkin.py:111
        with open(f"{zipkin_profiles_directory}/{trace['trace_id']}.json", "w") as trace_file:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #c440dc844df3b1b5 Filesystem access.
pkgs/python/[email protected]/src/nv_ingest_client/util/zipkin.py:115
    with open(f"{zipkin_profiles_directory}/combined.json", "w") as combined_file:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #c2927e27b5b7795b Environment-variable access.
pkgs/python/[email protected]/src/version.py:11
    release_type = os.getenv("NV_INGEST_RELEASE_TYPE", "dev")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #afe852d8ec7d0797 Environment-variable access.
pkgs/python/[email protected]/src/version.py:12
    version = os.getenv("NV_INGEST_VERSION")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f9ad9c90a32319f9 Environment-variable access.
pkgs/python/[email protected]/src/version.py:13
    rev = os.getenv("NV_INGEST_REV", "0")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

orjson

python dependency
expand_more 40 low-confidence finding(s)
low env_fs dependency Excluded from app score #8a82e5a18e689ea4 Filesystem access.
pkgs/python/[email protected]/include/cargo/encoding_rs-0.8.35/generate-encoding-data.py:118
data = json.load(open("../encoding/encodings.json", "r"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #307112063581ccb2 Filesystem access.
pkgs/python/[email protected]/include/cargo/encoding_rs-0.8.35/generate-encoding-data.py:120
indexes = json.load(open("../encoding/indexes.json", "r"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #c9046df07ce8eedc Filesystem access.
pkgs/python/[email protected]/include/cargo/encoding_rs-0.8.35/generate-encoding-data.py:366
  partially_generated_file = open(path, "r")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #93fa7ff099268e7f Filesystem access.
pkgs/python/[email protected]/include/cargo/encoding_rs-0.8.35/generate-encoding-data.py:387
label_file = open("src/lib.rs", "w")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #5f1d291f8b580c33 Filesystem access.
pkgs/python/[email protected]/include/cargo/encoding_rs-0.8.35/generate-encoding-data.py:405
  docfile = open("doc/%s.txt" % name, "r")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #e34a9a558c43a02c Filesystem access.
pkgs/python/[email protected]/include/cargo/encoding_rs-0.8.35/generate-encoding-data.py:457
label_test_file = open("src/test_labels_names.rs", "w")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #3d7fbcc7a999af7e Filesystem access.
pkgs/python/[email protected]/include/cargo/encoding_rs-0.8.35/generate-encoding-data.py:484
data_file = open("src/data.rs", "w")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #1bbc83cc651ea94a Filesystem access.
pkgs/python/[email protected]/include/cargo/encoding_rs-0.8.35/generate-encoding-data.py:1173
variant_file = open("src/variant.rs", "w")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #b2035feaa972351d Filesystem access.
pkgs/python/[email protected]/include/cargo/encoding_rs-0.8.35/generate-encoding-data.py:1417
ffi_file = open("../encoding_c/src/lib.rs", "w")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #a9a55f18e5a8f946 Filesystem access.
pkgs/python/[email protected]/include/cargo/encoding_rs-0.8.35/generate-encoding-data.py:1440
single_byte_file = open("src/single_byte.rs", "w")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #ff8568772efdb832 Filesystem access.
pkgs/python/[email protected]/include/cargo/encoding_rs-0.8.35/generate-encoding-data.py:1494
static_file = open("../encoding_c/include/encoding_rs_statics.h", "w")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #5264fc951e70e8f0 Filesystem access.
pkgs/python/[email protected]/include/cargo/encoding_rs-0.8.35/generate-encoding-data.py:1560
utf_8_file = open("src/utf_8.rs", "w")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #cdacac14af274cf4 Filesystem access.
pkgs/python/[email protected]/include/cargo/encoding_rs-0.8.35/generate-encoding-data.py:1623
jis0208_in_file = open("src/test_data/jis0208_in.txt", "w")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #20ac7af43216e8c3 Filesystem access.
pkgs/python/[email protected]/include/cargo/encoding_rs-0.8.35/generate-encoding-data.py:1632
jis0208_in_ref_file = open("src/test_data/jis0208_in_ref.txt", "w")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #bd89f617836eeeb8 Filesystem access.
pkgs/python/[email protected]/include/cargo/encoding_rs-0.8.35/generate-encoding-data.py:1642
jis0208_out_file = open("src/test_data/jis0208_out.txt", "w")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #de880772d6b003a3 Filesystem access.
pkgs/python/[email protected]/include/cargo/encoding_rs-0.8.35/generate-encoding-data.py:1643
jis0208_out_ref_file = open("src/test_data/jis0208_out_ref.txt", "w")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #6144010e5ca4f1dc Filesystem access.
pkgs/python/[email protected]/include/cargo/encoding_rs-0.8.35/generate-encoding-data.py:1660
shift_jis_in_file = open("src/test_data/shift_jis_in.txt", "w")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #239f873aaf3e14aa Filesystem access.
pkgs/python/[email protected]/include/cargo/encoding_rs-0.8.35/generate-encoding-data.py:1669
shift_jis_in_ref_file = open("src/test_data/shift_jis_in_ref.txt", "w")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #5e27a8d1a1b15360 Filesystem access.
pkgs/python/[email protected]/include/cargo/encoding_rs-0.8.35/generate-encoding-data.py:1684
shift_jis_out_file = open("src/test_data/shift_jis_out.txt", "w")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #53c1e85cb1427491 Filesystem access.
pkgs/python/[email protected]/include/cargo/encoding_rs-0.8.35/generate-encoding-data.py:1685
shift_jis_out_ref_file = open("src/test_data/shift_jis_out_ref.txt", "w")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f5834cbfd63a89b1 Filesystem access.
pkgs/python/[email protected]/include/cargo/encoding_rs-0.8.35/generate-encoding-data.py:1713
iso_2022_jp_in_file = open("src/test_data/iso_2022_jp_in.txt", "w")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #ac21d66ec60c8111 Filesystem access.
pkgs/python/[email protected]/include/cargo/encoding_rs-0.8.35/generate-encoding-data.py:1722
iso_2022_jp_in_ref_file = open("src/test_data/iso_2022_jp_in_ref.txt", "w")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #596ddd172f4859f7 Filesystem access.
pkgs/python/[email protected]/include/cargo/encoding_rs-0.8.35/generate-encoding-data.py:1732
iso_2022_jp_out_file = open("src/test_data/iso_2022_jp_out.txt", "w")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #46260b1cdbf55435 Filesystem access.
pkgs/python/[email protected]/include/cargo/encoding_rs-0.8.35/generate-encoding-data.py:1733
iso_2022_jp_out_ref_file = open("src/test_data/iso_2022_jp_out_ref.txt", "w")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #21917c488dba82a4 Filesystem access.
pkgs/python/[email protected]/include/cargo/encoding_rs-0.8.35/generate-encoding-data.py:1761
euc_kr_in_file = open("src/test_data/euc_kr_in.txt", "w")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #cd12275357348831 Filesystem access.
pkgs/python/[email protected]/include/cargo/encoding_rs-0.8.35/generate-encoding-data.py:1770
euc_kr_in_ref_file = open("src/test_data/euc_kr_in_ref.txt", "w")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #cbc81224f07d910d Filesystem access.
pkgs/python/[email protected]/include/cargo/encoding_rs-0.8.35/generate-encoding-data.py:1785
euc_kr_out_file = open("src/test_data/euc_kr_out.txt", "w")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #e7dd712f8b1a979d Filesystem access.
pkgs/python/[email protected]/include/cargo/encoding_rs-0.8.35/generate-encoding-data.py:1786
euc_kr_out_ref_file = open("src/test_data/euc_kr_out_ref.txt", "w")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #73a99590097743f7 Filesystem access.
pkgs/python/[email protected]/include/cargo/encoding_rs-0.8.35/generate-encoding-data.py:1802
gb18030_in_file = open("src/test_data/gb18030_in.txt", "w")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #ee72645545f1a7b6 Filesystem access.
pkgs/python/[email protected]/include/cargo/encoding_rs-0.8.35/generate-encoding-data.py:1811
gb18030_in_ref_file = open("src/test_data/gb18030_in_ref.txt", "w")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #fb25c02ab6bb440e Filesystem access.
pkgs/python/[email protected]/include/cargo/encoding_rs-0.8.35/generate-encoding-data.py:1826
gb18030_out_file = open("src/test_data/gb18030_out.txt", "w")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #7444cb1115c8d7ff Filesystem access.
pkgs/python/[email protected]/include/cargo/encoding_rs-0.8.35/generate-encoding-data.py:1827
gb18030_out_ref_file = open("src/test_data/gb18030_out_ref.txt", "w")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #cbc3f60dabe09416 Filesystem access.
pkgs/python/[email protected]/include/cargo/encoding_rs-0.8.35/generate-encoding-data.py:1845
big5_in_file = open("src/test_data/big5_in.txt", "w")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #6eeaa9c98afbf4ae Filesystem access.
pkgs/python/[email protected]/include/cargo/encoding_rs-0.8.35/generate-encoding-data.py:1861
big5_in_ref_file = open("src/test_data/big5_in_ref.txt", "w")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #4542d7972380159e Filesystem access.
pkgs/python/[email protected]/include/cargo/encoding_rs-0.8.35/generate-encoding-data.py:1898
big5_out_file = open("src/test_data/big5_out.txt", "w")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #c8197e1a7dedf812 Filesystem access.
pkgs/python/[email protected]/include/cargo/encoding_rs-0.8.35/generate-encoding-data.py:1899
big5_out_ref_file = open("src/test_data/big5_out_ref.txt", "w")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #3e648d644f32318d Filesystem access.
pkgs/python/[email protected]/include/cargo/encoding_rs-0.8.35/generate-encoding-data.py:1921
jis0212_in_file = open("src/test_data/jis0212_in.txt", "w")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #06d20c5d033c568f Filesystem access.
pkgs/python/[email protected]/include/cargo/encoding_rs-0.8.35/generate-encoding-data.py:1930
jis0212_in_ref_file = open("src/test_data/jis0212_in_ref.txt", "w")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #ffac099be974895f Filesystem access.
pkgs/python/[email protected]/include/cargo/encoding_rs-0.8.35/generate-encoding-data.py:1942
codepage_file = open("../codepage/src/lib.rs", "w")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #caff245e1770bdad Filesystem access.
pkgs/python/[email protected]/include/cargo/encoding_rs-0.8.35/generate-encoding-data.py:1974
codepage_test_file = open("../codepage/src/tests.rs", "w")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

pandas

python dependency
expand_more 28 low-confidence finding(s)
low env_fs dependency Excluded from app score #104c20c00fa04a74 Filesystem access.
pkgs/python/[email protected]/generate_pxi.py:8
    with open(pxifile, encoding="utf-8") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #71211b3befc170f2 Filesystem access.
pkgs/python/[email protected]/generate_pxi.py:12
    with open(outfile, "w", encoding="utf-8") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #7d2e18cfe68b213c Environment-variable access.
pkgs/python/[email protected]/generate_version.py:25
    if os.environ.get("MESON_DIST_ROOT"):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #ab7e3bdba5ec7e06 Environment-variable access.
pkgs/python/[email protected]/generate_version.py:26
        path = os.path.join(os.environ.get("MESON_DIST_ROOT"), path)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #92c11fe0dfb32da2 Filesystem access.
pkgs/python/[email protected]/generate_version.py:27
    with open(path, "w", encoding="utf-8") as file:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #46eb8a8d07fa3276 Environment-variable access.
pkgs/python/[email protected]/pandas/_testing/contexts.py:76
                    del os.environ["TZ"]

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #c86c8c8f76d29ae0 Environment-variable access.
pkgs/python/[email protected]/pandas/_testing/contexts.py:80
                os.environ["TZ"] = tz

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #1328cbbb5f792641 Environment-variable access.
pkgs/python/[email protected]/pandas/_testing/contexts.py:85
    orig_tz = os.environ.get("TZ")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #b90759a0281b9c36 Filesystem access.
pkgs/python/[email protected]/pandas/_version.py:159
        with open(versionfile_abs, encoding="utf-8") as fobj:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #493a985b561b5a80 Environment-variable access.
pkgs/python/[email protected]/pandas/_version.py:264
    env = os.environ.copy()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #0be956372d2ce8c6 Environment-variable access.
pkgs/python/[email protected]/pandas/compat/__init__.py:154
    return os.environ.get("PANDAS_CI", "0") == "1"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #57e66270c1dca1ab Environment-variable access.
pkgs/python/[email protected]/pandas/core/config_init.py:425
        if os.environ.get("PANDAS_COPY_ON_WRITE", "0") == "warn"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #5e95921579e7c746 Environment-variable access.
pkgs/python/[email protected]/pandas/core/config_init.py:426
        else os.environ.get("PANDAS_COPY_ON_WRITE", "1") == "1",

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #d52d3db809e053f8 Environment-variable access.
pkgs/python/[email protected]/pandas/core/config_init.py:878
        False if os.environ.get("PANDAS_FUTURE_INFER_STRING", "1") == "0" else True,

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #c1ea02f02251cdcb Environment-variable access.
pkgs/python/[email protected]/pandas/core/config_init.py:895
        os.environ.get("PANDAS_FUTURE_DISTINGUISH_NAN_AND_NA", "0") == "1",

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #5f36b9e4028e0f7a Environment-variable access.
pkgs/python/[email protected]/pandas/core/config_init.py:906
        False if os.environ.get("PANDAS_FUTURE_PYTHON_SCALARS", "0") == "0" else True,

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #e9e57f2c3de47fbb Filesystem access.
pkgs/python/[email protected]/pandas/core/series.py:1573
            with open(buf, "w", encoding="utf-8") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f5e5d9936eae92fd Environment-variable access.
pkgs/python/[email protected]/pandas/io/clipboard/__init__.py:74
HAS_DISPLAY = os.getenv("DISPLAY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #3d64adbc18282716 Filesystem access.
pkgs/python/[email protected]/pandas/io/clipboard/__init__.py:302
        with open("/dev/clipboard", "w", encoding="utf-8") as fd:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #7580b42e75dc1ab6 Filesystem access.
pkgs/python/[email protected]/pandas/io/clipboard/__init__.py:306
        with open("/dev/clipboard", encoding="utf-8") as fd:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #126e1993ddd3c9e4 Environment-variable access.
pkgs/python/[email protected]/pandas/io/clipboard/__init__.py:569
        if os.environ.get("WAYLAND_DISPLAY") and _executable_exists("wl-copy"):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f766a575d387469c Filesystem access.
pkgs/python/[email protected]/pandas/io/common.py:930
            handle = open(
                handle,
                ioargs.mode,
                encoding=ioargs.encoding,
                errors=errors,
                newline="",
            )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #5721f5044557662c Filesystem access.
pkgs/python/[email protected]/pandas/io/common.py:939
            handle = open(handle, ioargs.mode)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #569e939b70174732 Filesystem access.
pkgs/python/[email protected]/pandas/io/common.py:1192
        handle = open(handle, "rb")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #18dee3e42ff4702c Filesystem access.
pkgs/python/[email protected]/pandas/io/formats/format.py:1076
        with open(buf, "w", encoding=encoding, newline="") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #1748f196273d8c18 Environment-variable access.
pkgs/python/[email protected]/pandas/util/_print_versions.py:57
        "LC_ALL": os.environ.get("LC_ALL"),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #44892988ef9d14d0 Environment-variable access.
pkgs/python/[email protected]/pandas/util/_print_versions.py:58
        "LANG": os.environ.get("LANG"),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #9524d4aa561c6ce9 Filesystem access.
pkgs/python/[email protected]/pandas/util/_print_versions.py:148
            with open(as_json, "w", encoding="utf-8") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

passlib

python dependency
expand_more 18 low-confidence finding(s)
low env_fs tooling Excluded from app score unreachable #02d7b1ac85e9573f Environment-variable access.
pkgs/python/[email protected]/docs/conf.py:41
for _tag in os.environ.get("SPHINX_BUILD_TAGS", "").split():

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #b65713b8cdfcfdcd Environment-variable access.
pkgs/python/[email protected]/docs/conf.py:183
html_theme = os.environ.get("SPHINX_THEME") or 'redcloud'

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #95f0282f4baa24fd Filesystem access.
pkgs/python/[email protected]/passlib/_setup/stamp.py:34
    with open(path, "r") as fh:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #601f9c74a464b915 Filesystem access.
pkgs/python/[email protected]/passlib/_setup/stamp.py:45
    with open(path, "w") as fh:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #5a810b089b4c4350 Environment-variable access.
pkgs/python/[email protected]/passlib/_setup/stamp.py:113
        now = int(os.environ.get('SOURCE_DATE_EPOCH') or time.time())

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #e726cee70f7c3ed1 Filesystem access.
pkgs/python/[email protected]/passlib/apache.py:201
            with open(path, "rb") as fh:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #35cf99919536919e Filesystem access.
pkgs/python/[email protected]/passlib/apache.py:212
            with open(self._path, "rb") as fh:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #899b5c41dc81cd5f Filesystem access.
pkgs/python/[email protected]/passlib/apache.py:299
            with open(path, "wb") as fh:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #3ee5599d5c6e5952 Filesystem access.
pkgs/python/[email protected]/passlib/context.py:1482
            with open(path, "rt", encoding=encoding) as stream:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #104f62064906252f Filesystem access.
pkgs/python/[email protected]/passlib/context.py:1486
            with open(path, "rb") as stream:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #a8a13ac9e59c712d Filesystem access.
pkgs/python/[email protected]/passlib/context.py:1490
            with open(path, "rb") as fh:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #68d4ec2d193eb212 Environment-variable access.
pkgs/python/[email protected]/passlib/crypto/digest.py:617
if as_bool(os.environ.get("PASSLIB_MOCK_FIPS_MODE")):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #3e526d0da722b198 Environment-variable access.
pkgs/python/[email protected]/passlib/crypto/digest.py:877
_force_backend = os.environ.get("PASSLIB_PBKDF2_BACKEND") or "any"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #20a9caea2989b796 Environment-variable access.
pkgs/python/[email protected]/passlib/handlers/bcrypt.py:854
        if not as_bool(os.environ.get("PASSLIB_BUILTIN_BCRYPT")):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #35fc9407a4b2f1e4 Filesystem access.
pkgs/python/[email protected]/passlib/pwd.py:120
        return open(path, "rb")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #a9bcac475f431ec5 Filesystem access.
pkgs/python/[email protected]/passlib/totp.py:285
            secrets = open(secrets_path, "rt").read()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #9be0d2f88d075904 Environment-variable access.
pkgs/python/[email protected]/passlib/utils/__init__.py:140
MAX_PASSWORD_SIZE = int(os.environ.get("PASSLIB_MAX_PASSWORD_SIZE") or 4096)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #b3b6552329f2e56a Environment-variable access.
pkgs/python/[email protected]/setup.py:156
    if as_bool(os.environ.get("SETUP_TAG_RELEASE", "yes")):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

platformdirs

python dependency
expand_more 33 low-confidence finding(s)
low env_fs dependency Excluded from app score #4fb0299edaeab5b5 Environment-variable access.
pkgs/python/[email protected]/src/platformdirs/__init__.py:33
    if os.getenv("ANDROID_DATA") == "/data" and os.getenv("ANDROID_ROOT") == "/system":

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #5ec3883184a8f37a Environment-variable access.
pkgs/python/[email protected]/src/platformdirs/__init__.py:34
        if os.getenv("SHELL") or os.getenv("PREFIX"):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #da414542d889b5aa Environment-variable access.
pkgs/python/[email protected]/src/platformdirs/_xdg.py:16
        if path := os.environ.get("XDG_DATA_HOME", "").strip():

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #2dec0adff12b0961 Environment-variable access.
pkgs/python/[email protected]/src/platformdirs/_xdg.py:22
        if xdg_dirs := os.environ.get("XDG_DATA_DIRS", "").strip():

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #5d090b9fe54b12f4 Environment-variable access.
pkgs/python/[email protected]/src/platformdirs/_xdg.py:35
        if path := os.environ.get("XDG_CONFIG_HOME", "").strip():

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #629f43f72157ebac Environment-variable access.
pkgs/python/[email protected]/src/platformdirs/_xdg.py:41
        if xdg_dirs := os.environ.get("XDG_CONFIG_DIRS", "").strip():

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #38bf25d44cc3fce0 Environment-variable access.
pkgs/python/[email protected]/src/platformdirs/_xdg.py:54
        if path := os.environ.get("XDG_CACHE_HOME", "").strip():

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #25d650d6956f7028 Environment-variable access.
pkgs/python/[email protected]/src/platformdirs/_xdg.py:61
        if path := os.environ.get("XDG_STATE_HOME", "").strip():

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #12b9b5376ad4ad97 Environment-variable access.
pkgs/python/[email protected]/src/platformdirs/_xdg.py:68
        if path := os.environ.get("XDG_RUNTIME_DIR", "").strip():

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #c3c674ea2fb17092 Environment-variable access.
pkgs/python/[email protected]/src/platformdirs/_xdg.py:75
        if path := os.environ.get("XDG_RUNTIME_DIR", "").strip():

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #d9e886bb7313574c Environment-variable access.
pkgs/python/[email protected]/src/platformdirs/_xdg.py:82
        if path := os.environ.get("XDG_DOCUMENTS_DIR", "").strip():

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #7e068146d54cbc5a Environment-variable access.
pkgs/python/[email protected]/src/platformdirs/_xdg.py:89
        if path := os.environ.get("XDG_DOWNLOAD_DIR", "").strip():

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #3ec6c81cbab46f37 Environment-variable access.
pkgs/python/[email protected]/src/platformdirs/_xdg.py:96
        if path := os.environ.get("XDG_PICTURES_DIR", "").strip():

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #88250c40f3003389 Environment-variable access.
pkgs/python/[email protected]/src/platformdirs/_xdg.py:103
        if path := os.environ.get("XDG_VIDEOS_DIR", "").strip():

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #9530f2e4f8096236 Environment-variable access.
pkgs/python/[email protected]/src/platformdirs/_xdg.py:110
        if path := os.environ.get("XDG_MUSIC_DIR", "").strip():

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #6ead2b9851def388 Environment-variable access.
pkgs/python/[email protected]/src/platformdirs/_xdg.py:117
        if path := os.environ.get("XDG_DESKTOP_DIR", "").strip():

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #aaf2945b07ed359d Environment-variable access.
pkgs/python/[email protected]/src/platformdirs/_xdg.py:124
        if path := os.environ.get("XDG_PROJECTS_DIR", "").strip():

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #dab925825fcb5102 Environment-variable access.
pkgs/python/[email protected]/src/platformdirs/_xdg.py:131
        if path := os.environ.get("XDG_PUBLICSHARE_DIR", "").strip():

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #e7f8ed1e7c81f09c Environment-variable access.
pkgs/python/[email protected]/src/platformdirs/_xdg.py:138
        if path := os.environ.get("XDG_TEMPLATES_DIR", "").strip():

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #00af5fd0eb4bfb8d Environment-variable access.
pkgs/python/[email protected]/src/platformdirs/_xdg.py:145
        if path := os.environ.get("XDG_DATA_HOME", "").strip():

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #1804ea5f10faba8c Environment-variable access.
pkgs/python/[email protected]/src/platformdirs/_xdg.py:152
        if path := os.environ.get("XDG_DATA_HOME", "").strip():

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #21f297678893a862 Environment-variable access.
pkgs/python/[email protected]/src/platformdirs/_xdg.py:158
        if xdg_dirs := os.environ.get("XDG_DATA_DIRS", "").strip():

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #d4e8f197916da95e Environment-variable access.
pkgs/python/[email protected]/src/platformdirs/unix.py:302
    config_home = os.environ.get("XDG_CONFIG_HOME", "").strip() or os.path.expanduser("~/.config")  # noqa: PTH111

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #149cd5c50cec7080 Environment-variable access.
pkgs/python/[email protected]/src/platformdirs/windows.py:145
        return os.path.normpath(os.environ.get("PUBLIC", str(Path("~").expanduser().parent / "Public")))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f31e62b00d9a4f48 Environment-variable access.
pkgs/python/[email protected]/src/platformdirs/windows.py:208
    result = os.environ.get(env_var_name)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #a4b12c70b6209118 Environment-variable access.
pkgs/python/[email protected]/src/platformdirs/windows.py:218
        return os.path.join(os.path.normpath(os.environ["USERPROFILE"]), "Documents")  # noqa: PTH118

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #189e8b68ff54cb65 Environment-variable access.
pkgs/python/[email protected]/src/platformdirs/windows.py:221
        return os.path.join(os.path.normpath(os.environ["USERPROFILE"]), "Downloads")  # noqa: PTH118

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #729df6d19ec43049 Environment-variable access.
pkgs/python/[email protected]/src/platformdirs/windows.py:224
        return os.path.join(os.path.normpath(os.environ["USERPROFILE"]), "Pictures")  # noqa: PTH118

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #9d62bcf0f273dd2e Environment-variable access.
pkgs/python/[email protected]/src/platformdirs/windows.py:227
        return os.path.join(os.path.normpath(os.environ["USERPROFILE"]), "Videos")  # noqa: PTH118

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #76dafc19e7501c1f Environment-variable access.
pkgs/python/[email protected]/src/platformdirs/windows.py:230
        return os.path.join(os.path.normpath(os.environ["USERPROFILE"]), "Music")  # noqa: PTH118

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #59f0bf455c142897 Environment-variable access.
pkgs/python/[email protected]/src/platformdirs/windows.py:234
            os.path.normpath(os.environ["APPDATA"]),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #26377cd034fba486 Environment-variable access.
pkgs/python/[email protected]/src/platformdirs/windows.py:243
            os.path.normpath(os.environ.get("PROGRAMDATA", os.environ.get("ALLUSERSPROFILE", "C:\\ProgramData"))),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #58dfae8aa78cf7ad Environment-variable access.
pkgs/python/[email protected]/src/platformdirs/windows.py:388
    if override := os.environ.get(env_var, "").strip():

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

prometheus-client

python dependency
expand_more 20 low-confidence finding(s)
low env_fs dependency Excluded from app score #f267d5bd75282efc Environment-variable access.
pkgs/python/[email protected]/prometheus_client/django/exposition.py:12
    multiprocess_mode: bool = "PROMETHEUS_MULTIPROC_DIR" in os.environ or "prometheus_multiproc_dir" in os.environ

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #83777ed4ad67c448 Filesystem access.
pkgs/python/[email protected]/prometheus_client/exposition.py:473
        with open(tmppath, 'wb') as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #93da32792549e0fa Environment-variable access.
pkgs/python/[email protected]/prometheus_client/metrics.py:45
    return os.environ.get("PROMETHEUS_DISABLE_CREATED_SERIES", 'False').lower() not in ('true', '1', 't')

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #6a10b2a18db84257 Environment-variable access.
pkgs/python/[email protected]/prometheus_client/metrics.py:206
        if 'prometheus_multiproc_dir' in os.environ or 'PROMETHEUS_MULTIPROC_DIR' in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #b6f37c97564fd2c3 Environment-variable access.
pkgs/python/[email protected]/prometheus_client/metrics.py:224
        if 'prometheus_multiproc_dir' in os.environ or 'PROMETHEUS_MULTIPROC_DIR' in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #096772f0203121d7 Environment-variable access.
pkgs/python/[email protected]/prometheus_client/metrics.py:257
        if 'prometheus_multiproc_dir' in os.environ or 'PROMETHEUS_MULTIPROC_DIR' in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #99bb9dc9557557f7 Filesystem access.
pkgs/python/[email protected]/prometheus_client/mmap_dict.py:64
        self._f = open(filename, 'rb' if read_mode else 'a+b')

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #532d314adac33989 Filesystem access.
pkgs/python/[email protected]/prometheus_client/mmap_dict.py:86
        with open(filename, 'rb') as infp:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #d94745492aa11375 Environment-variable access.
pkgs/python/[email protected]/prometheus_client/multiprocess.py:25
            if 'prometheus_multiproc_dir' in os.environ and 'PROMETHEUS_MULTIPROC_DIR' not in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #430cf7871bc607b9 Environment-variable access.
pkgs/python/[email protected]/prometheus_client/multiprocess.py:26
                os.environ['PROMETHEUS_MULTIPROC_DIR'] = os.environ['prometheus_multiproc_dir']

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #080543559a137f00 Environment-variable access.
pkgs/python/[email protected]/prometheus_client/multiprocess.py:28
            path = os.environ.get('PROMETHEUS_MULTIPROC_DIR')

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #0c1870dd4c7953bb Environment-variable access.
pkgs/python/[email protected]/prometheus_client/multiprocess.py:180
        path = os.environ.get('PROMETHEUS_MULTIPROC_DIR', os.environ.get('prometheus_multiproc_dir'))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #93b572ee784571f7 Filesystem access.
pkgs/python/[email protected]/prometheus_client/process_collector.py:49
        with open(os.path.join(self._proc, 'stat'), 'rb') as stat:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #0bdeb2a1d98e5891 Filesystem access.
pkgs/python/[email protected]/prometheus_client/process_collector.py:62
            with open(os.path.join(pid, 'stat'), 'rb') as stat:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #40a837279640d429 Filesystem access.
pkgs/python/[email protected]/prometheus_client/process_collector.py:83
            with open(os.path.join(pid, 'limits'), 'rb') as limits:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #9aa5c0876d8b1589 Environment-variable access.
pkgs/python/[email protected]/prometheus_client/validation.py:11
    return os.environ.get("PROMETHEUS_LEGACY_NAME_VALIDATION", 'False').lower() in ('true', '1', 't')

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #66945685a12deaee Environment-variable access.
pkgs/python/[email protected]/prometheus_client/values.py:63
            if 'prometheus_multiproc_dir' in os.environ and 'PROMETHEUS_MULTIPROC_DIR' not in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #7724c89b54fa7374 Environment-variable access.
pkgs/python/[email protected]/prometheus_client/values.py:64
                os.environ['PROMETHEUS_MULTIPROC_DIR'] = os.environ['prometheus_multiproc_dir']

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #531b329a9f7ec087 Environment-variable access.
pkgs/python/[email protected]/prometheus_client/values.py:79
                    os.environ.get('PROMETHEUS_MULTIPROC_DIR'),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #8c7dd606b97e1366 Environment-variable access.
pkgs/python/[email protected]/prometheus_client/values.py:133
    if 'prometheus_multiproc_dir' in os.environ or 'PROMETHEUS_MULTIPROC_DIR' in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

pydantic

python dependency
expand_more 9 low-confidence finding(s)
low env_fs dependency Excluded from app score #abc05156de57fb32 Filesystem access.
pkgs/python/[email protected]/pydantic/deprecated/parse.py:71
    b = path.read_bytes()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #88b2c48f56bcc308 Environment-variable access.
pkgs/python/[email protected]/pydantic/json_schema.py:344
                if os.getenv('PYDANTIC_PRIVATE_ALLOW_UNHANDLED_SCHEMA_TYPES'):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #68d37b195d1a6bab Filesystem access.
pkgs/python/[email protected]/pydantic/mypy.py:1411
    with open(config_file, 'rb') as rf:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f6e7e64fc66974ce Environment-variable access.
pkgs/python/[email protected]/pydantic/plugin/_loader.py:27
    disabled_plugins = os.getenv('PYDANTIC_DISABLE_PLUGINS')

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #ea10387ee85b5e8d Environment-variable access.
pkgs/python/[email protected]/pydantic/v1/env_settings.py:173
            env_vars: Mapping[str, Optional[str]] = os.environ

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #efaccb5bbb8ee763 Environment-variable access.
pkgs/python/[email protected]/pydantic/v1/env_settings.py:175
            env_vars = {k.lower(): v for k, v in os.environ.items()}

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #22d7bcaf1a7d73eb Filesystem access.
pkgs/python/[email protected]/pydantic/v1/env_settings.py:307
                    secret_value = path.read_text().strip()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #af2f68af1ce841a4 Filesystem access.
pkgs/python/[email protected]/pydantic/v1/mypy.py:948
    with open(config_file, read_mode) as rf:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #2c6efd8a972b2f8c Filesystem access.
pkgs/python/[email protected]/pydantic/v1/parse.py:57
    b = path.read_bytes()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

pydantic-settings

python dependency
expand_more 3 low-confidence finding(s)
low env_fs dependency Excluded from app score #fb5e62e0840021d9 Environment-variable access.
pkgs/python/[email protected]/pydantic_settings/sources/providers/env.py:75
        return parse_env_vars(os.environ, self.case_sensitive, self.env_ignore_empty, self.env_parse_none_str)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #fe738728fa0dca3f Filesystem access.
pkgs/python/[email protected]/pydantic_settings/sources/providers/nested_secrets.py:203
        return {str(p.relative_to(path)): p.read_text().strip() for p in cls._iter_secret_files(path)}

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f5249fa5284d06ff Filesystem access.
pkgs/python/[email protected]/pydantic_settings/sources/providers/secrets.py:122
                    return path.read_text().strip(), field_key, value_is_complex

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

pymongo

python dependency
expand_more 113 low-confidence finding(s)
low env_fs tooling Excluded from app score unreachable #19c9dfa6b1c27e87 Filesystem access.
pkgs/python/[email protected]/.evergreen/scripts/generate_config_utils.py:292
    data = target.read_text().splitlines()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #2cb7bc630ca6b403 Filesystem access.
pkgs/python/[email protected]/.evergreen/scripts/generate_config_utils.py:321
    data = target.read_text().splitlines()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #36f9e98d0a7a256d Filesystem access.
pkgs/python/[email protected]/.evergreen/scripts/generate_config_utils.py:354
    data = target.read_text().splitlines()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #97a71a5141b15385 Environment-variable access.
pkgs/python/[email protected]/.evergreen/scripts/kms_tester.py:64
    base_env = os.environ.copy()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #cf5e3e134afbaf45 Environment-variable access.
pkgs/python/[email protected]/.evergreen/scripts/kms_tester.py:99
            os.environ["AZUREKMS_VMNAME_PREFIX"] = "PYTHON_DRIVER"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #e8fa59a2f8a519b1 Environment-variable access.
pkgs/python/[email protected]/.evergreen/scripts/kms_tester.py:102
            os.environ[

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #ca8eb09a622c83f0 Environment-variable access.
pkgs/python/[email protected]/.evergreen/scripts/kms_tester.py:102
            os.environ[
                "AZUREKMS_IMAGE"
            ] = "Canonical:0001-com-ubuntu-server-jammy:22_04-lts-gen2:latest"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #18c7501df73ebba7 Environment-variable access.
pkgs/python/[email protected]/.evergreen/scripts/kms_tester.py:106
            os.environ["GCPKMS_IMAGEFAMILY"] = "debian-12"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #f98f17b59a30a889 Environment-variable access.
pkgs/python/[email protected]/.evergreen/scripts/kms_tester.py:128
        key_name = os.environ["KEY_NAME"]

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #4998288cf9673154 Environment-variable access.
pkgs/python/[email protected]/.evergreen/scripts/kms_tester.py:129
        key_vault_endpoint = os.environ["KEY_VAULT_ENDPOINT"]

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #c362a95d8388fca6 Environment-variable access.
pkgs/python/[email protected]/.evergreen/scripts/mod_wsgi_tester.py:26
    env = os.environ.copy()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #dec3e2a6343e4698 Filesystem access.
pkgs/python/[email protected]/.evergreen/scripts/mod_wsgi_tester.py:64
        LOGGER.error(Path("error_log").read_text())

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #580d847e9911021c Environment-variable access.
pkgs/python/[email protected]/.evergreen/scripts/mod_wsgi_tester.py:72
    uri1 = os.environ["TEST_URI1"]

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #01ff290f921d393c Environment-variable access.
pkgs/python/[email protected]/.evergreen/scripts/mod_wsgi_tester.py:73
    uri2 = os.environ["TEST_URI2"]

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #5081e014f8a3655c Filesystem access.
pkgs/python/[email protected]/.evergreen/scripts/mod_wsgi_tester.py:81
        LOGGER.error(Path("error_log").read_text())

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #2968d7c60650d4e0 Environment-variable access.
pkgs/python/[email protected]/.evergreen/scripts/mod_wsgi_tester.py:86
    apache = os.environ["APACHE_BINARY"]

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #2fd27d4ed0cc2f1b Environment-variable access.
pkgs/python/[email protected]/.evergreen/scripts/mod_wsgi_tester.py:87
    apache_config = os.environ["APACHE_CONFIG"]

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #0ccbc1e0b891b0d7 Environment-variable access.
pkgs/python/[email protected]/.evergreen/scripts/oidc_tester.py:34
    env = os.environ.copy()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #a30264b056e06804 Environment-variable access.
pkgs/python/[email protected]/.evergreen/scripts/oidc_tester.py:36
    if sub_test_name == "eks" and "AWS_ACCESS_KEY_ID" in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #1850099001159bb7 Environment-variable access.
pkgs/python/[email protected]/.evergreen/scripts/oidc_tester.py:39
            if key in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #570ef2b7e674dbf4 Environment-variable access.
pkgs/python/[email protected]/.evergreen/scripts/oidc_tester.py:40
                write_env(key, os.environ[key])

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #faa15961df5eef74 Environment-variable access.
pkgs/python/[email protected]/.evergreen/scripts/oidc_tester.py:62
        return os.environ.copy()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #c7a38a25235817bc Environment-variable access.
pkgs/python/[email protected]/.evergreen/scripts/oidc_tester.py:84
    env = os.environ.copy()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #0da8bed8218c4f7d Environment-variable access.
pkgs/python/[email protected]/.evergreen/scripts/resync-all-specs.py:63
    spec_dir = pathlib.Path(os.environ["MDB_SPECS"]) / "source"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #b4e8aabac849c66d Filesystem access.
pkgs/python/[email protected]/.evergreen/scripts/resync-all-specs.py:126
            with open(filename, "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #4d19bf06531cd24e Environment-variable access.
pkgs/python/[email protected]/.evergreen/scripts/run_server.py:10
    os.environ[name] = str(value)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #a42304e3c4ca4968 Environment-variable access.
pkgs/python/[email protected]/.evergreen/scripts/run_server.py:22
    if "VERSION" in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #49ee243d7b68a6b9 Environment-variable access.
pkgs/python/[email protected]/.evergreen/scripts/run_server.py:23
        os.environ["MONGODB_VERSION"] = os.environ["VERSION"]

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #3a9a5587a2a8865b Environment-variable access.
pkgs/python/[email protected]/.evergreen/scripts/run_server.py:32
        os.environ["TOPOLOGY"] = "replica_set"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #6727e54e166bd9d5 Environment-variable access.
pkgs/python/[email protected]/.evergreen/scripts/run_server.py:33
        os.environ["MONGODB_VERSION"] = "7.0"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #f3592d3dd99a2dee Environment-variable access.
pkgs/python/[email protected]/.evergreen/scripts/run_server.py:35
    if not os.environ.get("TEST_CRYPT_SHARED"):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #4086ef8a97eee4af Environment-variable access.
pkgs/python/[email protected]/.evergreen/scripts/run_tests.py:24
AUTH = os.environ.get("AUTH", "noauth")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #6b78ff464f78a3b0 Environment-variable access.
pkgs/python/[email protected]/.evergreen/scripts/run_tests.py:25
SSL = os.environ.get("SSL", "nossl")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #cb00752c41d38fd9 Environment-variable access.
pkgs/python/[email protected]/.evergreen/scripts/run_tests.py:26
UV_ARGS = os.environ.get("UV_ARGS", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #6f992646f4d8e83e Environment-variable access.
pkgs/python/[email protected]/.evergreen/scripts/run_tests.py:27
TEST_PERF = os.environ.get("TEST_PERF")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #ac6b9089b13b31c4 Environment-variable access.
pkgs/python/[email protected]/.evergreen/scripts/run_tests.py:28
GREEN_FRAMEWORK = os.environ.get("GREEN_FRAMEWORK")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #b240a6ab981318dd Environment-variable access.
pkgs/python/[email protected]/.evergreen/scripts/run_tests.py:29
TEST_ARGS = os.environ.get("TEST_ARGS", "").split()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #03fb016461ac75e6 Environment-variable access.
pkgs/python/[email protected]/.evergreen/scripts/run_tests.py:30
TEST_NAME = os.environ.get("TEST_NAME")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #64dd4bd51b09e694 Environment-variable access.
pkgs/python/[email protected]/.evergreen/scripts/run_tests.py:31
SUB_TEST_NAME = os.environ.get("SUB_TEST_NAME")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #929a6e39809cfcd8 Filesystem access.
pkgs/python/[email protected]/.evergreen/scripts/run_tests.py:53
    with open("results.json") as fid:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #09dcd4220a5d2aa6 Filesystem access.
pkgs/python/[email protected]/.evergreen/scripts/run_tests.py:68
    with open("report.json", "w", newline="\n") as fid:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #b169c7da99377095 Environment-variable access.
pkgs/python/[email protected]/.evergreen/scripts/run_tests.py:106
    env = os.environ.copy()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #21babd322ebdbb3e Environment-variable access.
pkgs/python/[email protected]/.evergreen/scripts/run_tests.py:150
    if not os.environ.get("NO_EXT"):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #921086bb1fa2f256 Environment-variable access.
pkgs/python/[email protected]/.evergreen/scripts/run_tests.py:153
    if os.environ.get("PYMONGOCRYPT_LIB"):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #d189c792f3d117c2 Environment-variable access.
pkgs/python/[email protected]/.evergreen/scripts/run_tests.py:204
    if os.environ.get("DEBUG_LOG"):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #ed9a72fd12d01354 Environment-variable access.
pkgs/python/[email protected]/.evergreen/scripts/run_tests.py:207
    if os.environ.get("COVERAGE"):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #ced83c60f399e687 Environment-variable access.
pkgs/python/[email protected]/.evergreen/scripts/setup_tests.py:57
    value = os.environ.get(var, "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #7a8a75a82c97abd6 Filesystem access.
pkgs/python/[email protected]/.evergreen/scripts/setup_tests.py:65
    with open("/etc/os-release") as fid:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #ffdff04672a6fc7e Environment-variable access.
pkgs/python/[email protected]/.evergreen/scripts/setup_tests.py:111
        url = os.environ["LIBMONGOCRYPT_URL"]

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low pii_flow tooling Excluded from app score unreachable #24b5e605b5cec441 User/PII-bearing data read from the environment or filesystem flows to an external network call. This is potential data exfiltration. Non-production path — not application runtime.
pkgs/python/[email protected]/.evergreen/scripts/setup_tests.py:116 · flow /tmp/closeopen-uhn6nk5u/pkgs/python/[email protected]/.evergreen/scripts/setup_tests.py:111 → /tmp/closeopen-uhn6nk5u/pkgs/python/[email protected]/.evergreen/scripts/setup_tests.py:116
    with request.urlopen(request.Request(url), timeout=15.0) as response:  # noqa: S310

User/PII-bearing data flows to an external sink — the classic data-exfiltration shape.

Fix: Confirm no user identifiers reach this sink; redact/hash before sending, or remove the flow.

low env_fs tooling Excluded from app score unreachable #ad383e956b54fd1e Environment-variable access.
pkgs/python/[email protected]/.evergreen/scripts/setup_tests.py:181
            write_env(var, os.environ.get(var, getattr(opts, var.lower(), "")))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #d3e96f963df59e22 Environment-variable access.
pkgs/python/[email protected]/.evergreen/scripts/setup_tests.py:200
        env = os.environ.copy()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #359245b98f349bcb Environment-variable access.
pkgs/python/[email protected]/.evergreen/scripts/setup_tests.py:223
        if "AWS_ACCESS_KEY_ID" in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #5f3546dd1a20e9f0 Environment-variable access.
pkgs/python/[email protected]/.evergreen/scripts/setup_tests.py:225
                if key in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #2b742de26ca2a220 Environment-variable access.
pkgs/python/[email protected]/.evergreen/scripts/setup_tests.py:226
                    write_env(key, os.environ[key])

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #b9f778321e7a0a1e Environment-variable access.
pkgs/python/[email protected]/.evergreen/scripts/setup_tests.py:268
            os.environ["KRB5_CONFIG"] = str(krb_conf)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #31c2006aaee5c1d9 Environment-variable access.
pkgs/python/[email protected]/.evergreen/scripts/setup_tests.py:281
        SINGLE_MONGOS_LB_URI = os.environ.get(

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #107a3817e4012a08 Environment-variable access.
pkgs/python/[email protected]/.evergreen/scripts/setup_tests.py:281
        SINGLE_MONGOS_LB_URI = os.environ.get(
            "SINGLE_MONGOS_LB_URI", "mongodb://127.0.0.1:8000/?loadBalanced=true"
        )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #27fefaa9b99c114e Environment-variable access.
pkgs/python/[email protected]/.evergreen/scripts/setup_tests.py:284
        MULTI_MONGOS_LB_URI = os.environ.get(

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #8ea18d25de12157c Environment-variable access.
pkgs/python/[email protected]/.evergreen/scripts/setup_tests.py:284
        MULTI_MONGOS_LB_URI = os.environ.get(
            "MULTI_MONGOS_LB_URI", "mongodb://127.0.0.1:8001/?loadBalanced=true"
        )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #8c965729216a9c1e Environment-variable access.
pkgs/python/[email protected]/.evergreen/scripts/setup_tests.py:304
            os.environ["OCSP_SERVER_TYPE"] = sub_test_name

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #2c9a2bd0c294c43b Environment-variable access.
pkgs/python/[email protected]/.evergreen/scripts/setup_tests.py:306
            if name not in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #d2be3cdc852c8d47 Environment-variable access.
pkgs/python/[email protected]/.evergreen/scripts/setup_tests.py:309
        server_type = os.environ["OCSP_SERVER_TYPE"]

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #147a71e827bc7312 Environment-variable access.
pkgs/python/[email protected]/.evergreen/scripts/setup_tests.py:310
        orch_file = os.environ["ORCHESTRATION_FILE"]

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #7ba6928f565a22c5 Environment-variable access.
pkgs/python/[email protected]/.evergreen/scripts/setup_tests.py:321
            env = os.environ.copy()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #891dea587f9fad41 Environment-variable access.
pkgs/python/[email protected]/.evergreen/scripts/setup_tests.py:328
        version = os.environ.get("VERSION", "latest")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #cca1219107bfd55f Environment-variable access.
pkgs/python/[email protected]/.evergreen/scripts/setup_tests.py:349
    compressors = os.environ.get("COMPRESSORS") or opts.compressor

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #b2a94fc206f3d0ea Environment-variable access.
pkgs/python/[email protected]/.evergreen/scripts/setup_tests.py:412
        if "AWS_ROLE_SESSION_NAME" in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #c38f7f6aa21b7e9f Environment-variable access.
pkgs/python/[email protected]/.evergreen/scripts/setup_tests.py:472
        framework = opts.green_framework or os.environ["GREEN_FRAMEWORK"]

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #923427d483055625 Environment-variable access.
pkgs/python/[email protected]/.evergreen/scripts/teardown_tests.py:10
TEST_NAME = os.environ.get("TEST_NAME", "unconfigured")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #ca5aa74e7ce94739 Environment-variable access.
pkgs/python/[email protected]/.evergreen/scripts/teardown_tests.py:11
SUB_TEST_NAME = os.environ.get("SUB_TEST_NAME")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #c422a10e58776426 Environment-variable access.
pkgs/python/[email protected]/.evergreen/scripts/teardown_tests.py:52
    Path(os.environ["OUTPUT_FILE"]).unlink(missing_ok=True)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #2d8ff9c4b23ef81c Environment-variable access.
pkgs/python/[email protected]/.evergreen/scripts/teardown_tests.py:61
if os.environ.get("COVERAGE"):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #8d72e82095994380 Environment-variable access.
pkgs/python/[email protected]/.evergreen/scripts/utils.py:15
DRIVERS_TOOLS = os.environ.get("DRIVERS_TOOLS", "").replace(os.sep, "/")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #0e3cf31c3445331a Environment-variable access.
pkgs/python/[email protected]/.evergreen/scripts/utils.py:169
        if env_var in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #2266d71633235c90 Environment-variable access.
pkgs/python/[email protected]/.evergreen/scripts/utils.py:173
                opts.auth = os.environ.get("AUTH") == "auth"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #fa83e90cbf06427d Environment-variable access.
pkgs/python/[email protected]/.evergreen/scripts/utils.py:175
                ssl_opt = os.environ.get("SSL", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #05c5c73b5f98484f Environment-variable access.
pkgs/python/[email protected]/.evergreen/scripts/utils.py:178
                if os.environ[env_var]:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #f2f2188731eae43a Environment-variable access.
pkgs/python/[email protected]/.evergreen/scripts/utils.py:181
                setattr(opts, key, os.environ[env_var])

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #a5181b47953a2843 Environment-variable access.
pkgs/python/[email protected]/.evergreen/scripts/utils.py:211
    env = kwargs.pop("env", os.environ).copy()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #5a739a706a980487 Environment-variable access.
pkgs/python/[email protected]/_setup.py:71
            if os.environ.get("PYMONGO_C_EXT_MUST_BUILD"):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #027e24a594d32c37 Environment-variable access.
pkgs/python/[email protected]/_setup.py:88
            if "ProgramFiles" in os.environ and "ProgramFiles(x86)" not in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #04e9349d637dabfb Environment-variable access.
pkgs/python/[email protected]/_setup.py:89
                os.environ["ProgramFiles(x86)"] = os.environ["ProgramFiles"] + " (x86)"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #85554e59e33ffd36 Environment-variable access.
pkgs/python/[email protected]/_setup.py:94
            if os.environ.get("PYMONGO_C_EXT_MUST_BUILD"):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #abc8f5175459ff22 Environment-variable access.
pkgs/python/[email protected]/_setup.py:127
if "--no_ext" in sys.argv or os.environ.get("NO_EXT"):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #c4db1fd88d6cacd8 Environment-variable access.
pkgs/python/[email protected]/pymongo/auth_oidc_shared.py:81
        token_file = os.environ.get("OIDC_TOKEN_FILE")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #0df3cdfb7e2fe4fe Filesystem access.
pkgs/python/[email protected]/pymongo/auth_oidc_shared.py:86
        with open(token_file) as fid:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #8e5cac627ba6adbb Environment-variable access.
pkgs/python/[email protected]/pymongo/auth_oidc_shared.py:92
        token_file = os.environ.get("AWS_WEB_IDENTITY_TOKEN_FILE")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #b164098a4f534cf0 Filesystem access.
pkgs/python/[email protected]/pymongo/auth_oidc_shared.py:97
        with open(token_file) as fid:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #b7f5c6ff3a2e9977 Environment-variable access.
pkgs/python/[email protected]/pymongo/auth_oidc_shared.py:129
        if key in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #9ce59e5d814678e7 Environment-variable access.
pkgs/python/[email protected]/pymongo/auth_oidc_shared.py:130
            fname = os.environ[key]

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #4bfd569328678859 Filesystem access.
pkgs/python/[email protected]/pymongo/auth_oidc_shared.py:131
    with open(fname) as fid:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #d103d8739cf182b6 Filesystem access.
pkgs/python/[email protected]/pymongo/common.py:238
    open(value).close()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #3b87717680f390f3 Filesystem access.
pkgs/python/[email protected]/pymongo/daemon.py:64
            with open(os.devnull, "r+b") as devnull:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #877be3c8b8c3ed9f Filesystem access.
pkgs/python/[email protected]/pymongo/daemon.py:95
            with open(os.devnull, "r+b") as devnull:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #28e2a78112c87bb2 Environment-variable access.
pkgs/python/[email protected]/pymongo/logger.py:165
        document_length = int(os.getenv("MONGOB_LOG_MAX_DOCUMENT_LENGTH", _DEFAULT_DOCUMENT_LENGTH))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #111ca11aff8ef0e6 Environment-variable access.
pkgs/python/[email protected]/pymongo/pool_options.py:78
        "architecture": os.environ.get("PROCESSOR_ARCHITECTURE") or platform.machine(),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #3bf41ee83bf681e9 Environment-variable access.
pkgs/python/[email protected]/pymongo/pool_options.py:119
    if os.getenv(ENV_VAR_K8S):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #6dabff2bbe2a2945 Environment-variable access.
pkgs/python/[email protected]/pymongo/pool_options.py:126
    if os.getenv("AWS_LAMBDA_RUNTIME_API"):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #d746a9b2249de08a Environment-variable access.
pkgs/python/[email protected]/pymongo/pool_options.py:128
    env = os.getenv("AWS_EXECUTION_ENV")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #35fad4082e56ce2a Environment-variable access.
pkgs/python/[email protected]/pymongo/pool_options.py:135
    return bool(os.getenv("FUNCTIONS_WORKER_RUNTIME"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #143a63766d3ed9a5 Environment-variable access.
pkgs/python/[email protected]/pymongo/pool_options.py:139
    return bool(os.getenv("K_SERVICE") or os.getenv("FUNCTION_NAME"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #0af370dbb7cdc79f Environment-variable access.
pkgs/python/[email protected]/pymongo/pool_options.py:143
    return bool(os.getenv("VERCEL"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #c7e0a72790c0e816 Environment-variable access.
pkgs/python/[email protected]/pymongo/pool_options.py:152
    val = os.getenv(key)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #a76ca612a0873eab Environment-variable access.
pkgs/python/[email protected]/pymongo/pool_options.py:171
        region = os.getenv("AWS_REGION")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #29d2ce62802fe91b Environment-variable access.
pkgs/python/[email protected]/pymongo/pool_options.py:181
        region = os.getenv("FUNCTION_REGION")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #3281eae8e718aac0 Environment-variable access.
pkgs/python/[email protected]/pymongo/pool_options.py:192
        region = os.getenv("VERCEL_REGION")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #9d76c2d5b23c7b19 Filesystem access.
pkgs/python/[email protected]/tools/compare_import_time.py:23
    with open(f"pymongo-{sha}.log") as fid:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #40e5dc6498dc66a2 Filesystem access.
pkgs/python/[email protected]/tools/convert_test_to_async.py:123
    with open(input_file, "r+") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #6f79f1e2ae97e5ff Filesystem access.
pkgs/python/[email protected]/tools/convert_test_to_async.py:127
        with open(output_file, "w+") as f2:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #c1221a7bdda0bf78 Filesystem access.
pkgs/python/[email protected]/tools/ensure_future_annotations_import.py:29
        with open(path) as fid:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #427fe607db02867c Filesystem access.
pkgs/python/[email protected]/tools/synchro.py:290
            with open(file, "r+") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #acd5dbbe768eed2e Environment-variable access.
pkgs/python/[email protected]/tools/synchro.py:442
            and "OVERRIDE_SYNCHRO_CHECK" not in os.environ

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

pypdf

python dependency
expand_more 9 low-confidence finding(s)
low env_fs dependency Excluded from app score #fb3300dc7e3ea869 Filesystem access.
pkgs/python/[email protected]/pypdf/_page.py:2033
            debug_path.joinpath("fonts.json").write_text(
                json.dumps(fonts, indent=2, default=asdict),
                "utf-8"
            )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #8bee261593b9eb6d Filesystem access.
pkgs/python/[email protected]/pypdf/_reader.py:172
            with open(stream, "rb") as fh:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #6e9c22b0ee1ebdf3 Filesystem access.
pkgs/python/[email protected]/pypdf/_text_extraction/_layout_mode/_fixed_width_page.py:285
        debug_path.joinpath("bt_groups.json").write_text(
            json.dumps(ty_groups, indent=2, default=str), "utf-8"
        )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #8e6dae03b5c9ddc5 Filesystem access.
pkgs/python/[email protected]/pypdf/_text_extraction/_layout_mode/_fixed_width_page.py:351
        debug_path.joinpath("bts.json").write_text(
            json.dumps(bt_groups, indent=2, default=str), "utf-8"
        )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #68770a4515cc4b5c Filesystem access.
pkgs/python/[email protected]/pypdf/_text_extraction/_layout_mode/_fixed_width_page.py:354
        debug_path.joinpath("tjs.json").write_text(
            json.dumps(
                tj_ops, indent=2, default=lambda x: getattr(x, "to_dict", str)(x)
            ),
            "utf-8",
        )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #c99ab6b537ea2431 Filesystem access.
pkgs/python/[email protected]/pypdf/_utils.py:391
    with open("pypdf_pdfLocation.txt", "wb") as output_fh:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #ddd65ab26af64251 Filesystem access.
pkgs/python/[email protected]/pypdf/_writer.py:245
                with open(fileobj, "rb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #b2854fe8e0948c31 Environment-variable access.
pkgs/python/[email protected]/pypdf/filters.py:752
            environment = os.environ.copy()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress dependency Excluded from app score #b37a8d9d789406b8 Hardcoded external endpoint. Review what data is sent to this destination.
pkgs/python/[email protected]/resources/afm_to_dataclass.py:24
        with urllib.request.urlopen(
            f"https://{FONT_LOC}"
        ) as connection, ZipFile(BytesIO(

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

pyperclip

python dependency
expand_more 5 low-confidence finding(s)
low env_fs dependency Excluded from app score #7b56c87c17a5a441 Filesystem access.
pkgs/python/[email protected]/src/pyperclip/__init__.py:275
        fo = open('/dev/clipboard', 'wt')

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #be39a3f82cb3cda6 Filesystem access.
pkgs/python/[email protected]/src/pyperclip/__init__.py:280
        fo = open('/dev/clipboard', 'rt')

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #50206363e094cd2e Filesystem access.
pkgs/python/[email protected]/src/pyperclip/__init__.py:518
        with open('/proc/version', 'r') as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #93a0c946bd29cb5d Environment-variable access.
pkgs/python/[email protected]/src/pyperclip/__init__.py:534
    if os.getenv("WAYLAND_DISPLAY") and _executable_exists("wl-copy")  and _executable_exists("wl-paste"):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #1ba496435857e303 Environment-variable access.
pkgs/python/[email protected]/src/pyperclip/__init__.py:540
    elif os.getenv("DISPLAY"):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

python-docx

python dependency
expand_more 7 low-confidence finding(s)
low env_fs dependency Excluded from app score #70b86ff875d1c208 Filesystem access.
pkgs/python/[email protected]/src/docx/image/image.py:41
            with open(path, "rb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #0526d4030a865d68 Filesystem access.
pkgs/python/[email protected]/src/docx/opc/phys_pkg.py:47
        with open(path, "rb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #581975a8ae6c5e27 Filesystem access.
pkgs/python/[email protected]/src/docx/parts/comments.py:49
        with open(path, "rb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #cd0a1ee781486ea0 Filesystem access.
pkgs/python/[email protected]/src/docx/parts/hdrftr.py:31
        with open(path, "rb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f7ef720ccb529ac3 Filesystem access.
pkgs/python/[email protected]/src/docx/parts/hdrftr.py:51
        with open(path, "rb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #0da49dc8f067cd7d Filesystem access.
pkgs/python/[email protected]/src/docx/parts/settings.py:48
        with open(path, "rb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #b47d6808e9563b87 Filesystem access.
pkgs/python/[email protected]/src/docx/parts/styles.py:40
        with open(path, "rb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

python-multipart

python dependency
expand_more 1 low-confidence finding(s)
low env_fs dependency Excluded from app score #091dbb229ac76bfb Filesystem access.
pkgs/python/[email protected]/python_multipart/multipart.py:516
                tmp_file = open(path, "w+b")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

pytube

python dependency
expand_more 5 low-confidence finding(s)
low env_fs dependency Excluded from app score #31d5995d819be35a Filesystem access.
pkgs/python/[email protected]/pytube/captions.py:154
        with open(file_path, "w", encoding="utf-8") as file_handle:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #853dbe128447d563 Filesystem access.
pkgs/python/[email protected]/pytube/innertube.py:249
                with open(_token_file) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #fe4d82a6e8ddb4cd Filesystem access.
pkgs/python/[email protected]/pytube/innertube.py:268
        with open(_token_file, 'w') as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #46d123b236c8b7bd Filesystem access.
pkgs/python/[email protected]/pytube/streams.py:312
        with open(file_path, "wb") as fh:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #823a7453110ddf95 Filesystem access.
pkgs/python/[email protected]/setup.py:13
with open(os.path.join(here, "pytube", "version.py")) as fp:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

qdrant-client

python dependency
expand_more 12 low-confidence finding(s)
low env_fs dependency Excluded from app score #e073a51c9c08fffd Filesystem access.
pkgs/python/[email protected]/qdrant_client/embed/schema_parser.py:298
        with open(output_path, "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #97707924c7e12de4 Filesystem access.
pkgs/python/[email protected]/qdrant_client/embed/utils.py:76
    with open(path, "rb") as file:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #6b44c56b1015d19b Filesystem access.
pkgs/python/[email protected]/qdrant_client/local/async_qdrant_local.py:99
            with open(meta_path, "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #52dc2eb32b51a7b2 Filesystem access.
pkgs/python/[email protected]/qdrant_client/local/async_qdrant_local.py:102
            with open(meta_path, "r") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #1fd8d876dbddab7a Filesystem access.
pkgs/python/[email protected]/qdrant_client/local/async_qdrant_local.py:125
            with open(lock_file_path, "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #7eb8e41c174d8f3c Filesystem access.
pkgs/python/[email protected]/qdrant_client/local/async_qdrant_local.py:127
        self._flock_file = open(lock_file_path, "r+")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #596b5af5ba597554 Filesystem access.
pkgs/python/[email protected]/qdrant_client/local/async_qdrant_local.py:146
        with open(meta_path, "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #48808482564d3352 Filesystem access.
pkgs/python/[email protected]/qdrant_client/local/qdrant_local.py:102
            with open(meta_path, "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #ab38f398a311230d Filesystem access.
pkgs/python/[email protected]/qdrant_client/local/qdrant_local.py:105
            with open(meta_path, "r") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #855bd106eae4b1f6 Filesystem access.
pkgs/python/[email protected]/qdrant_client/local/qdrant_local.py:136
            with open(lock_file_path, "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #1a9f3f8e39ad3b45 Filesystem access.
pkgs/python/[email protected]/qdrant_client/local/qdrant_local.py:138
        self._flock_file = open(lock_file_path, "r+")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #9c9164bde4dbc342 Filesystem access.
pkgs/python/[email protected]/qdrant_client/local/qdrant_local.py:162
        with open(meta_path, "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

sentence-transformers

python dependency
expand_more 58 low-confidence finding(s)
low env_fs dependency Excluded from app score #a3d9db7b8e52ed0e Environment-variable access.
pkgs/python/[email protected]/sentence_transformers/__init__.py:45
if importlib.util.find_spec("codecarbon") and "CODECARBON_LOG_LEVEL" not in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #a162894ce4774466 Environment-variable access.
pkgs/python/[email protected]/sentence_transformers/__init__.py:46
    os.environ["CODECARBON_LOG_LEVEL"] = "error"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #3f28b803efec144c Filesystem access.
pkgs/python/[email protected]/sentence_transformers/backend/load.py:155
            with open(ov_config, encoding="utf-8") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #5bafb84d5c84831a Environment-variable access.
pkgs/python/[email protected]/sentence_transformers/base/model.py:182
            cache_folder = os.getenv("SENTENCE_TRANSFORMERS_HOME")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #753155d4f75e650e Filesystem access.
pkgs/python/[email protected]/sentence_transformers/base/model.py:634
        with open(os.path.join(path, "config_sentence_transformers.json"), "w", encoding="utf8") as fOut:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #5233e4fb3cf88fc4 Filesystem access.
pkgs/python/[email protected]/sentence_transformers/base/model.py:679
        with open(os.path.join(path, "modules.json"), "w", encoding="utf8") as fOut:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #702b6c09422c3205 Filesystem access.
pkgs/python/[email protected]/sentence_transformers/base/model.py:771
        with open(os.path.join(path, "README.md"), "w", encoding="utf8") as fOut:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #6716e233b80e825e Filesystem access.
pkgs/python/[email protected]/sentence_transformers/base/model.py:1076
            with open(config_sentence_transformers_json_path, encoding="utf8") as fIn:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #a8860b406dc8c1af Filesystem access.
pkgs/python/[email protected]/sentence_transformers/base/model.py:1110
                with open(model_card_path, encoding="utf8") as fIn:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #600b4348bbe647a8 Filesystem access.
pkgs/python/[email protected]/sentence_transformers/base/model.py:1124
        with open(modules_json_path, encoding="utf8") as fIn:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #d0c3a11cfc510179 Filesystem access.
pkgs/python/[email protected]/sentence_transformers/base/model.py:1318
        with open(config_sentence_transformers_json_path, encoding="utf8") as fIn:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #a74b5d1ca512be36 Filesystem access.
pkgs/python/[email protected]/sentence_transformers/base/modules/module.py:211
        with open(config_path, encoding="utf-8") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #633f56197a0cd39d Filesystem access.
pkgs/python/[email protected]/sentence_transformers/base/modules/module.py:406
        with open(config_output_path, "w", encoding="utf-8") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #32a4f2f5abb5d28d Filesystem access.
pkgs/python/[email protected]/sentence_transformers/base/modules/router.py:567
        with open(os.path.join(output_path, self.config_file_name), "w", encoding="utf8") as fOut:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #6095fbd2a759be06 Environment-variable access.
pkgs/python/[email protected]/sentence_transformers/base/trainer.py:295
            os.environ.setdefault("WANDB_PROJECT", "sentence-transformers")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #be95f056c5062ebd Environment-variable access.
pkgs/python/[email protected]/sentence_transformers/base/trainer.py:299
            os.environ.setdefault("TRACKIO_PROJECT", "sentence-transformers")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #047c3acdf62f63e7 Filesystem access.
pkgs/python/[email protected]/sentence_transformers/base/trainer.py:1037
                with open(index_path) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #ab21316e95f7717f Filesystem access.
pkgs/python/[email protected]/sentence_transformers/cross_encoder/evaluation/classification.py:180
            with open(csv_path, mode="a" if output_file_exists else "w", encoding="utf-8") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #48b07a9e9a384b75 Filesystem access.
pkgs/python/[email protected]/sentence_transformers/cross_encoder/evaluation/correlation.py:129
            with open(csv_path, mode="a" if output_file_exists else "w", encoding="utf-8") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #5742be113714c58c Filesystem access.
pkgs/python/[email protected]/sentence_transformers/cross_encoder/evaluation/nano_beir.py:283
                fOut = open(csv_path, mode="w", encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #c91aaf8e90000658 Filesystem access.
pkgs/python/[email protected]/sentence_transformers/cross_encoder/evaluation/nano_beir.py:288
                fOut = open(csv_path, mode="a", encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #c3e690a0815af6da Filesystem access.
pkgs/python/[email protected]/sentence_transformers/cross_encoder/evaluation/reranking.py:301
            with open(csv_path, mode="a" if output_file_exists else "w", encoding="utf-8") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #1e1757daebb979dc Filesystem access.
pkgs/python/[email protected]/sentence_transformers/sentence_transformer/datasets/parallel_sentences.py:96
            else open(filepath, encoding="utf8") as fIn

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #c62511cbf9fe65dc Filesystem access.
pkgs/python/[email protected]/sentence_transformers/sentence_transformer/evaluation/binary_classification.py:195
                with open(csv_path, newline="", mode="w", encoding="utf-8") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #9558b196c060274b Filesystem access.
pkgs/python/[email protected]/sentence_transformers/sentence_transformer/evaluation/binary_classification.py:200
                with open(csv_path, newline="", mode="a", encoding="utf-8") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #e17d2b0d3bb30d10 Filesystem access.
pkgs/python/[email protected]/sentence_transformers/sentence_transformer/evaluation/embedding_similarity.py:207
            with open(csv_path, newline="", mode="a" if output_file_exists else "w", encoding="utf-8") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #a8cbc16200d57d89 Filesystem access.
pkgs/python/[email protected]/sentence_transformers/sentence_transformer/evaluation/information_retrieval.py:250
                fOut = open(csv_path, mode="w", encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #47e05f5807f3aad6 Filesystem access.
pkgs/python/[email protected]/sentence_transformers/sentence_transformer/evaluation/information_retrieval.py:255
                fOut = open(csv_path, mode="a", encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #b9e2a9cb292004fc Filesystem access.
pkgs/python/[email protected]/sentence_transformers/sentence_transformer/evaluation/information_retrieval.py:388
                with open(json_path, mode=mode, encoding="utf-8") as fOut:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #a62bbe414c9aed96 Filesystem access.
pkgs/python/[email protected]/sentence_transformers/sentence_transformer/evaluation/label_accuracy.py:84
                with open(csv_path, newline="", mode="w", encoding="utf-8") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #5cb0725529e1181c Filesystem access.
pkgs/python/[email protected]/sentence_transformers/sentence_transformer/evaluation/label_accuracy.py:89
                with open(csv_path, newline="", mode="a", encoding="utf-8") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #cc45cef39fbe9065 Filesystem access.
pkgs/python/[email protected]/sentence_transformers/sentence_transformer/evaluation/mse.py:122
            with open(csv_path, newline="", mode="a" if output_file_exists else "w", encoding="utf-8") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #64c95d2fe5d7234c Filesystem access.
pkgs/python/[email protected]/sentence_transformers/sentence_transformer/evaluation/mse_from_dataframe.py:110
            with open(csv_path, newline="", mode="a" if output_file_exists else "w", encoding="utf-8") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #0da8d715514f5373 Filesystem access.
pkgs/python/[email protected]/sentence_transformers/sentence_transformer/evaluation/nano_beir.py:353
                fOut = open(csv_path, mode="w", encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #d50a7a497906dede Filesystem access.
pkgs/python/[email protected]/sentence_transformers/sentence_transformer/evaluation/nano_beir.py:358
                fOut = open(csv_path, mode="a", encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #635e8e955d926515 Filesystem access.
pkgs/python/[email protected]/sentence_transformers/sentence_transformer/evaluation/paraphrase_mining.py:224
                with open(csv_path, newline="", mode="w", encoding="utf-8") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #bd0a0e40c70bd364 Filesystem access.
pkgs/python/[email protected]/sentence_transformers/sentence_transformer/evaluation/paraphrase_mining.py:229
                with open(csv_path, newline="", mode="a", encoding="utf-8") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #96dacb087b4a503a Filesystem access.
pkgs/python/[email protected]/sentence_transformers/sentence_transformer/evaluation/reranking.py:186
            with open(csv_path, newline="", mode="a" if output_file_exists else "w", encoding="utf-8") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #aa2d115519460903 Filesystem access.
pkgs/python/[email protected]/sentence_transformers/sentence_transformer/evaluation/translation.py:157
            with open(csv_path, newline="", mode="a" if output_file_exists else "w", encoding="utf-8") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f2297e05b0816d3b Filesystem access.
pkgs/python/[email protected]/sentence_transformers/sentence_transformer/evaluation/triplet.py:220
                with open(csv_path, newline="", mode="w", encoding="utf-8") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #4e3bc81c8c4c5d18 Filesystem access.
pkgs/python/[email protected]/sentence_transformers/sentence_transformer/evaluation/triplet.py:226
                with open(csv_path, newline="", mode="a", encoding="utf-8") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #5b26bfa805dbe6ff Filesystem access.
pkgs/python/[email protected]/sentence_transformers/sentence_transformer/modules/tokenizer/phrase.py:105
        with open(os.path.join(output_path, "phrasetokenizer_config.json"), "w") as fOut:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #56a8c1df54cb0727 Filesystem access.
pkgs/python/[email protected]/sentence_transformers/sentence_transformer/modules/tokenizer/phrase.py:119
        with open(os.path.join(input_path, "phrasetokenizer_config.json")) as fIn:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #51bc5b689d648119 Filesystem access.
pkgs/python/[email protected]/sentence_transformers/sentence_transformer/modules/tokenizer/whitespace.py:63
        with open(os.path.join(output_path, "whitespacetokenizer_config.json"), "w") as fOut:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #120bd31a06fc4ea2 Filesystem access.
pkgs/python/[email protected]/sentence_transformers/sentence_transformer/modules/tokenizer/whitespace.py:75
        with open(os.path.join(input_path, "whitespacetokenizer_config.json")) as fIn:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #7149de3f6ae5c57c Filesystem access.
pkgs/python/[email protected]/sentence_transformers/sentence_transformer/modules/word_embeddings.py:162
            else open(embeddings_file_path, encoding="utf8") as fIn

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #52f97e7eadf3089c Filesystem access.
pkgs/python/[email protected]/sentence_transformers/sentence_transformer/readers/label_sentence.py:35
        for line in open(os.path.join(self.folder, filename), encoding="utf-8"):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #eec16262ea2b44af Filesystem access.
pkgs/python/[email protected]/sentence_transformers/sentence_transformer/readers/paired_files.py:30
                else open(filepath, encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #6165602abdd80e93 Filesystem access.
pkgs/python/[email protected]/sentence_transformers/sentence_transformer/readers/sts_data.py:54
            else open(filepath, encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #6b69d25d5a031dc1 Filesystem access.
pkgs/python/[email protected]/sentence_transformers/sentence_transformer/readers/triplet.py:44
            open(os.path.join(self.dataset_folder, filename), encoding="utf-8"),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #dd84758b33b40c6a Filesystem access.
pkgs/python/[email protected]/sentence_transformers/sparse_encoder/evaluation/reciprocal_rank_fusion.py:287
                with open(csv_path, mode="a" if output_file_exists else "w", encoding="utf-8") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #0aa5247db7607946 Filesystem access.
pkgs/python/[email protected]/sentence_transformers/sparse_encoder/evaluation/reciprocal_rank_fusion.py:311
                with open(json_path, mode="w", encoding="utf-8") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #66e9a77da4549e7c Filesystem access.
pkgs/python/[email protected]/sentence_transformers/sparse_encoder/modules/sparse_static_embedding.py:143
        with open(json_path) as fIn:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #62eae8ab3253c9d6 Environment-variable access.
pkgs/python/[email protected]/sentence_transformers/util/environment.py:62
        if "LOCAL_RANK" in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #04b37da41c451ab2 Environment-variable access.
pkgs/python/[email protected]/sentence_transformers/util/environment.py:63
            local_rank = int(os.environ["LOCAL_RANK"])

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #9f43aefe1e9422eb Filesystem access.
pkgs/python/[email protected]/sentence_transformers/util/file_io.py:243
            with open(download_filepath, "wb") as file_binary:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #82c04db842ab0c80 Filesystem access.
pkgs/python/[email protected]/sentence_transformers/util/misc.py:201
    with open(csv_path, newline="", encoding="utf-8") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #24587b9a1bd5e454 Filesystem access.
pkgs/python/[email protected]/sentence_transformers/util/misc.py:210
        with open(csv_path, "w", newline="", encoding="utf-8") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

setuptools

python dependency
expand_more 162 low-confidence finding(s)
low env_fs dependency Excluded from app score #0415061f7e1c60b9 Environment-variable access.
pkgs/python/[email protected]/_distutils_hack/__init__.py:49
    which = os.environ.get('SETUPTOOLS_USE_DISTUTILS', 'local')

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #e08eb8c9bd88eebd Environment-variable access.
pkgs/python/[email protected]/setuptools/_distutils/command/_framework_compat.py:22
    ensurepip = os.environ.get("ENSUREPIP_OPTIONS")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #936b5a34697c8f21 Filesystem access.
pkgs/python/[email protected]/setuptools/_distutils/command/bdist_rpm.py:555
                    with open(val) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #fbca719df590d9f7 Environment-variable access.
pkgs/python/[email protected]/setuptools/_distutils/command/build_ext.py:800
                elif '_PYTHON_HOST_PLATFORM' in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #bddcfa4a4139baaf Filesystem access.
pkgs/python/[email protected]/setuptools/_distutils/command/build_scripts.py:105
            with open(outfile, "w", encoding=f.encoding) as outf:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #d5549224902848d3 Filesystem access.
pkgs/python/[email protected]/setuptools/_distutils/command/config.py:104
        with open(filename, "w", encoding='utf-8') as file:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #9b4029ccbd5f8428 Filesystem access.
pkgs/python/[email protected]/setuptools/_distutils/command/config.py:191
        with open(out, encoding='utf-8') as file:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #0360c1023f1c82d8 Filesystem access.
pkgs/python/[email protected]/setuptools/_distutils/command/config.py:348
    log.info(pathlib.Path(filename).read_text(encoding='utf-8'))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #943d842da3d0f506 Filesystem access.
pkgs/python/[email protected]/setuptools/_distutils/command/install_egg_info.py:55
        with open(target, 'w', encoding='UTF-8') as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #1deb72b3595057e2 Filesystem access.
pkgs/python/[email protected]/setuptools/_distutils/command/sdist.py:424
        with open(self.manifest, encoding='utf-8') as fp:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f5a8c8d6c1e62c7e Filesystem access.
pkgs/python/[email protected]/setuptools/_distutils/command/sdist.py:434
        with open(self.manifest, encoding='utf-8') as lines:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #6fc4b876c3db3411 Environment-variable access.
pkgs/python/[email protected]/setuptools/_distutils/compilers/C/cygwin.py:73
        self.cc = os.environ.get('CC', self.cc or 'gcc')

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #dc4fbf31b7ee6ba4 Environment-variable access.
pkgs/python/[email protected]/setuptools/_distutils/compilers/C/cygwin.py:74
        self.cxx = os.environ.get('CXX', self.cxx or 'g++')

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #9089ddbf3296ba27 Filesystem access.
pkgs/python/[email protected]/setuptools/_distutils/compilers/C/cygwin.py:318
        config_h = pathlib.Path(fn).read_text(encoding='utf-8')

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #26b9d25114de2a0f Environment-variable access.
pkgs/python/[email protected]/setuptools/_distutils/compilers/C/msvc.py:82
    root = os.environ.get("ProgramFiles(x86)") or os.environ.get("ProgramFiles")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #a0eda67d39b56b55 Environment-variable access.
pkgs/python/[email protected]/setuptools/_distutils/compilers/C/msvc.py:151
    if os.getenv("DISTUTILS_USE_SDK"):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #eaa22219af311978 Environment-variable access.
pkgs/python/[email protected]/setuptools/_distutils/compilers/C/msvc.py:152
        return {key.lower(): value for key, value in os.environ.items()}

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #6c71fe79e5bb9340 Environment-variable access.
pkgs/python/[email protected]/setuptools/_distutils/compilers/C/msvc.py:190
        paths = os.getenv('path').split(os.pathsep)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #0f6baba3661a5fb0 Environment-variable access.
pkgs/python/[email protected]/setuptools/_distutils/compilers/C/msvc.py:562
        env = dict(os.environ, PATH=self._paths)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #955a5c454e35bcdc Environment-variable access.
pkgs/python/[email protected]/setuptools/_distutils/compilers/C/zos.py:114
            if (binary := os.environ.get(envvar, None))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #af1f578e702d0367 Environment-variable access.
pkgs/python/[email protected]/setuptools/_distutils/debug.py:5
DEBUG = os.environ.get('DISTUTILS_DEBUG')

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #495012a4898f53e2 Environment-variable access.
pkgs/python/[email protected]/setuptools/_distutils/dist.py:387
            yield pathlib.Path(os.getenv("DIST_EXTRA_CONFIG"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #ceb1d4b0441d17ce Filesystem access.
pkgs/python/[email protected]/setuptools/_distutils/dist.py:1141
            self.read_pkg_file(open(path))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #2f6a90c5139dac0f Filesystem access.
pkgs/python/[email protected]/setuptools/_distutils/dist.py:1216
        with open(
            os.path.join(base_dir, 'PKG-INFO'), 'w', encoding='UTF-8'
        ) as pkg_info:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #3e64aac39067eb94 Filesystem access.
pkgs/python/[email protected]/setuptools/_distutils/file_util.py:28
            fsrc = open(src, 'rb')

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #4274bc7add41406a Filesystem access.
pkgs/python/[email protected]/setuptools/_distutils/file_util.py:39
            fdst = open(dst, 'wb')

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #879c71ad35fa7873 Filesystem access.
pkgs/python/[email protected]/setuptools/_distutils/file_util.py:227
    with open(filename, 'w', encoding='utf-8') as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #0d1541ed254f36cc Environment-variable access.
pkgs/python/[email protected]/setuptools/_distutils/spawn.py:52
    return os.environ if env is None else env

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #e775b341c034fd34 Environment-variable access.
pkgs/python/[email protected]/setuptools/_distutils/spawn.py:111
        path = os.environ.get('PATH', None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #683744874b288fdd Environment-variable access.
pkgs/python/[email protected]/setuptools/_distutils/sysconfig.py:48
if "_PYTHON_PROJECT_BASE" in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #c1fa22c22681ab07 Environment-variable access.
pkgs/python/[email protected]/setuptools/_distutils/sysconfig.py:49
    project_base = os.path.abspath(os.environ["_PYTHON_PROJECT_BASE"])

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #b7d2f03ef6ef92cb Environment-variable access.
pkgs/python/[email protected]/setuptools/_distutils/sysconfig.py:330
        if 'CC' in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #d20d980a932316d7 Environment-variable access.
pkgs/python/[email protected]/setuptools/_distutils/sysconfig.py:331
            newcc = os.environ['CC']

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #c3f2292af3df0a54 Environment-variable access.
pkgs/python/[email protected]/setuptools/_distutils/sysconfig.py:332
            if 'LDSHARED' not in os.environ and ldshared.startswith(cc):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #6f31afb6b96ca4ae Environment-variable access.
pkgs/python/[email protected]/setuptools/_distutils/sysconfig.py:337
        cxx = os.environ.get('CXX', cxx)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #94985c24077a7be7 Environment-variable access.
pkgs/python/[email protected]/setuptools/_distutils/sysconfig.py:338
        ldshared = os.environ.get('LDSHARED', ldshared)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #62571092dee3784d Environment-variable access.
pkgs/python/[email protected]/setuptools/_distutils/sysconfig.py:339
        ldcxxshared = os.environ.get('LDCXXSHARED', ldcxxshared)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #ecd1652ab38e4bd9 Environment-variable access.
pkgs/python/[email protected]/setuptools/_distutils/sysconfig.py:340
        cpp = os.environ.get(

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #ced703bc6d42ae05 Environment-variable access.
pkgs/python/[email protected]/setuptools/_distutils/sysconfig.py:340
        cpp = os.environ.get(
            'CPP',
            cc + " -E",  # not always
        )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #69949a419bcb0a9a Environment-variable access.
pkgs/python/[email protected]/setuptools/_distutils/sysconfig.py:347
        cflags = os.environ.get('CFLAGS', cflags)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #98f65cd8af585b42 Environment-variable access.
pkgs/python/[email protected]/setuptools/_distutils/sysconfig.py:349
        cxxflags = os.environ.get('CXXFLAGS', cxxflags)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #5728eca5fbbbe39c Environment-variable access.
pkgs/python/[email protected]/setuptools/_distutils/sysconfig.py:357
        ar = os.environ.get('AR', ar)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #0999b6d2b6496b98 Environment-variable access.
pkgs/python/[email protected]/setuptools/_distutils/sysconfig.py:359
        archiver = ar + ' ' + os.environ.get('ARFLAGS', ar_flags)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f3f85df349eb03bf Environment-variable access.
pkgs/python/[email protected]/setuptools/_distutils/sysconfig.py:376
        if 'RANLIB' in os.environ and compiler.executables.get('ranlib', None):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #2433c9430b9fb5d9 Environment-variable access.
pkgs/python/[email protected]/setuptools/_distutils/sysconfig.py:377
            compiler.set_executables(ranlib=os.environ['RANLIB'])

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #9b8c119879ae947c Environment-variable access.
pkgs/python/[email protected]/setuptools/_distutils/sysconfig.py:472
                elif n in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #8fc41a2d968395fc Environment-variable access.
pkgs/python/[email protected]/setuptools/_distutils/sysconfig.py:474
                    item = os.environ[n]

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #ce1a3da4ac0a529a Environment-variable access.
pkgs/python/[email protected]/setuptools/_distutils/sysconfig.py:597
    flags = os.environ.get(f'{type}FLAGS')

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #11c6840e2646879f Filesystem access.
pkgs/python/[email protected]/setuptools/_distutils/text_file.py:118
        self.file = open(self.filename, errors=self.errors, encoding='utf-8')

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #99fcbd72a2b28d5c Environment-variable access.
pkgs/python/[email protected]/setuptools/_distutils/util.py:57
        target = os.environ.get('VSCMD_ARG_TGT_ARCH')

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #4c4bbdd2b271f611 Environment-variable access.
pkgs/python/[email protected]/setuptools/_distutils/util.py:94
    env_ver = os.environ.get(MACOSX_VERSION_VAR)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #60555af5932aa5f7 Environment-variable access.
pkgs/python/[email protected]/setuptools/_distutils/util.py:174
    if os.name == 'posix' and 'HOME' not in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #786891247b2109a0 Environment-variable access.
pkgs/python/[email protected]/setuptools/_distutils/util.py:178
            os.environ['HOME'] = pwd.getpwuid(os.getuid())[5]

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #3490a8dc57822528 Environment-variable access.
pkgs/python/[email protected]/setuptools/_distutils/util.py:184
    if 'PLAT' not in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #c36e82c63b16f224 Environment-variable access.
pkgs/python/[email protected]/setuptools/_distutils/util.py:185
        os.environ['PLAT'] = get_platform()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #c92dee8ab0b2e44e Environment-variable access.
pkgs/python/[email protected]/setuptools/_distutils/util.py:199
    lookup = dict(os.environ)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #c8b35ebd9452777c Filesystem access.
pkgs/python/[email protected]/setuptools/_imp.py:65
            file = open(path, 'rb')

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #9282531673181e92 Environment-variable access.
pkgs/python/[email protected]/setuptools/_path.py:80
    orig_pythonpath = os.environ.get('PYTHONPATH', nothing)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #056d3848a7272cf5 Environment-variable access.
pkgs/python/[email protected]/setuptools/_path.py:81
    current_pythonpath = os.environ.get('PYTHONPATH', '')

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #ab1e5109b8989407 Environment-variable access.
pkgs/python/[email protected]/setuptools/_path.py:87
            os.environ['PYTHONPATH'] = new_path

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #acaba4765219bf1c Environment-variable access.
pkgs/python/[email protected]/setuptools/_path.py:91
            os.environ.pop('PYTHONPATH', None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #216619ac1ab9ce13 Environment-variable access.
pkgs/python/[email protected]/setuptools/_path.py:93
            os.environ['PYTHONPATH'] = orig_pythonpath

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #a9fb933889226b68 Environment-variable access.
pkgs/python/[email protected]/setuptools/_scripts.py:49
        return os.environ.get('__PYVENV_LAUNCHER__', _default)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #5886b948ebaaa5cc Environment-variable access.
pkgs/python/[email protected]/setuptools/_scripts.py:238
        launcher = os.environ.get('SETUPTOOLS_LAUNCHER', 'executable')

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #9b35634ba6376256 Environment-variable access.
pkgs/python/[email protected]/setuptools/_scripts.py:245
        if ext not in os.environ['PATHEXT'].lower().split(';'):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #4196688aa78e441f Filesystem access.
pkgs/python/[email protected]/setuptools/_scripts.py:332
    return resources.files('setuptools').joinpath(launcher_fn).read_bytes()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #8b0b02ba287ff52c Filesystem access.
pkgs/python/[email protected]/setuptools/_scripts.py:337
    return res.read_text(encoding='utf-8') % vars()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #0a75871738556b55 Filesystem access.
pkgs/python/[email protected]/setuptools/_vendor/autocommand/autoparse.py:330
        with open(filename_or_file, *args, **kwargs) as file:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #6effbf4a7b4a3642 Filesystem access.
pkgs/python/[email protected]/setuptools/_vendor/backports/tarfile/__init__.py:2829
            t = open(fileobj=name)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #548ff5650c86494e Filesystem access.
pkgs/python/[email protected]/setuptools/_vendor/backports/tarfile/__init__.py:2832
            t = open(name)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #c37c821fe75444dc Filesystem access.
pkgs/python/[email protected]/setuptools/_vendor/backports/tarfile/__init__.py:2872
            with open(src, 'r') as tar:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #b1d15e646371c871 Filesystem access.
pkgs/python/[email protected]/setuptools/_vendor/importlib_metadata/__init__.py:379
        return self.locate().read_text(encoding=encoding)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #5ae416db422a0645 Filesystem access.
pkgs/python/[email protected]/setuptools/_vendor/importlib_metadata/__init__.py:382
        return self.locate().read_bytes()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #968e974607324f11 Filesystem access.
pkgs/python/[email protected]/setuptools/_vendor/importlib_metadata/__init__.py:527
            self.read_text('METADATA')

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #11f7fced8471a395 Filesystem access.
pkgs/python/[email protected]/setuptools/_vendor/importlib_metadata/__init__.py:528
            or self.read_text('PKG-INFO')

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f2c43b3a1293a92b Filesystem access.
pkgs/python/[email protected]/setuptools/_vendor/importlib_metadata/__init__.py:532
            or self.read_text('')

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #d87210a7c3e24a9e Filesystem access.
pkgs/python/[email protected]/setuptools/_vendor/importlib_metadata/__init__.py:567
        return EntryPoints._from_text_for(self.read_text('entry_points.txt'), self)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #90e72efea7bf9192 Filesystem access.
pkgs/python/[email protected]/setuptools/_vendor/importlib_metadata/__init__.py:616
        text = self.read_text('RECORD')

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #eaa147c92b32e447 Filesystem access.
pkgs/python/[email protected]/setuptools/_vendor/importlib_metadata/__init__.py:630
        text = self.read_text('installed-files.txt')

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #70f140304e296c93 Filesystem access.
pkgs/python/[email protected]/setuptools/_vendor/importlib_metadata/__init__.py:659
        text = self.read_text('SOURCES.txt')

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #a9e562a1aa5f11b2 Filesystem access.
pkgs/python/[email protected]/setuptools/_vendor/importlib_metadata/__init__.py:672
        source = self.read_text('requires.txt')

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f04c8ba9a6a9014b Filesystem access.
pkgs/python/[email protected]/setuptools/_vendor/importlib_metadata/__init__.py:723
            self.read_text(filename),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #1eec6eca2ae7a1e2 Filesystem access.
pkgs/python/[email protected]/setuptools/_vendor/importlib_metadata/__init__.py:1014
            return self._path.joinpath(filename).read_text(encoding='utf-8')

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #15ded7172d96ae1f Filesystem access.
pkgs/python/[email protected]/setuptools/_vendor/importlib_metadata/__init__.py:1150
    return (dist.read_text('top_level.txt') or '').split()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #d5cb0468acd56383 Filesystem access.
pkgs/python/[email protected]/setuptools/_vendor/jaraco/text/__init__.py:232
lorem_ipsum: str = (
    files(__name__).joinpath('Lorem ipsum.txt').read_text(encoding='utf-8')
)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #5ff9af6a925ad0da Filesystem access.
pkgs/python/[email protected]/setuptools/_vendor/jaraco/text/__init__.py:631
    with open(filename, encoding='utf-8') as fp:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #35acb42a29cc9cee Filesystem access.
pkgs/python/[email protected]/setuptools/_vendor/packaging/_manylinux.py:34
        with open(path, "rb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #ce18b93fb2b47ccd Filesystem access.
pkgs/python/[email protected]/setuptools/_vendor/packaging/_musllinux.py:46
        with open(executable, "rb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #b118cd08949b721c Environment-variable access.
pkgs/python/[email protected]/setuptools/_vendor/platformdirs/__init__.py:31
    if os.getenv("ANDROID_DATA") == "/data" and os.getenv("ANDROID_ROOT") == "/system":

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #466748321469facf Environment-variable access.
pkgs/python/[email protected]/setuptools/_vendor/platformdirs/__init__.py:32
        if os.getenv("SHELL") or os.getenv("PREFIX"):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #0bc628a3416399ab Environment-variable access.
pkgs/python/[email protected]/setuptools/_vendor/platformdirs/unix.py:45
        path = os.environ.get("XDG_DATA_HOME", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #829716312fea4e26 Environment-variable access.
pkgs/python/[email protected]/setuptools/_vendor/platformdirs/unix.py:52
        path = os.environ.get("XDG_DATA_DIRS", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #4821da2ba3c23329 Environment-variable access.
pkgs/python/[email protected]/setuptools/_vendor/platformdirs/unix.py:76
        path = os.environ.get("XDG_CONFIG_HOME", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #4c9cf12999773cd3 Environment-variable access.
pkgs/python/[email protected]/setuptools/_vendor/platformdirs/unix.py:83
        path = os.environ.get("XDG_CONFIG_DIRS", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #1912a6b414aa2dda Environment-variable access.
pkgs/python/[email protected]/setuptools/_vendor/platformdirs/unix.py:107
        path = os.environ.get("XDG_CACHE_HOME", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f98e0c1945a0693d Environment-variable access.
pkgs/python/[email protected]/setuptools/_vendor/platformdirs/unix.py:123
        path = os.environ.get("XDG_STATE_HOME", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #6519320fba2ab97a Environment-variable access.
pkgs/python/[email protected]/setuptools/_vendor/platformdirs/unix.py:177
        path = os.environ.get("XDG_RUNTIME_DIR", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #d944f434baeb33ca Environment-variable access.
pkgs/python/[email protected]/setuptools/_vendor/platformdirs/unix.py:201
        path = os.environ.get("XDG_RUNTIME_DIR", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #e72590e7458ddbb6 Environment-variable access.
pkgs/python/[email protected]/setuptools/_vendor/platformdirs/unix.py:238
        media_dir = os.environ.get(env_var, "").strip()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #a183c729555dcbbe Environment-variable access.
pkgs/python/[email protected]/setuptools/_vendor/platformdirs/windows.py:157
    result = os.environ.get(env_var_name)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #cfc03921d45332a2 Environment-variable access.
pkgs/python/[email protected]/setuptools/_vendor/platformdirs/windows.py:167
        return os.path.join(os.path.normpath(os.environ["USERPROFILE"]), "Documents")  # noqa: PTH118

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f8449df44bd0153a Environment-variable access.
pkgs/python/[email protected]/setuptools/_vendor/platformdirs/windows.py:170
        return os.path.join(os.path.normpath(os.environ["USERPROFILE"]), "Downloads")  # noqa: PTH118

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #dea09b344bfd23cd Environment-variable access.
pkgs/python/[email protected]/setuptools/_vendor/platformdirs/windows.py:173
        return os.path.join(os.path.normpath(os.environ["USERPROFILE"]), "Pictures")  # noqa: PTH118

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #d50ac462c26609d5 Environment-variable access.
pkgs/python/[email protected]/setuptools/_vendor/platformdirs/windows.py:176
        return os.path.join(os.path.normpath(os.environ["USERPROFILE"]), "Videos")  # noqa: PTH118

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #c882badfc65737a7 Environment-variable access.
pkgs/python/[email protected]/setuptools/_vendor/platformdirs/windows.py:179
        return os.path.join(os.path.normpath(os.environ["USERPROFILE"]), "Music")  # noqa: PTH118

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #319afe8744a68e50 Filesystem access.
pkgs/python/[email protected]/setuptools/_vendor/wheel/_bdist_wheel.py:492
        with open(wheelfile_path, "wb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #88f5e5359f1147f1 Filesystem access.
pkgs/python/[email protected]/setuptools/_vendor/wheel/_bdist_wheel.py:598
            with open(dependency_links_path, encoding="utf-8") as dependency_links_file:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #7e07359ee834c0e1 Filesystem access.
pkgs/python/[email protected]/setuptools/_vendor/wheel/_bdist_wheel.py:609
        with open(pkg_info_path, "w", encoding="utf-8") as out:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #514a8db1892610a3 Filesystem access.
pkgs/python/[email protected]/setuptools/_vendor/wheel/_commands/convert.py:171
                        requires = path.read_text("utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #858f015cccffa5b1 Filesystem access.
pkgs/python/[email protected]/setuptools/_vendor/wheel/_commands/convert.py:174
                        pkginfo = path.read_text("utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #086067a115a1f0df Filesystem access.
pkgs/python/[email protected]/setuptools/_vendor/wheel/_commands/convert.py:184
                            path.read_bytes(),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #b000589eb9179e3b Filesystem access.
pkgs/python/[email protected]/setuptools/_vendor/wheel/_commands/convert.py:190
                yield str(path.relative_to(self.path)), path.read_bytes()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #8a4bcd4b43efe352 Filesystem access.
pkgs/python/[email protected]/setuptools/_vendor/wheel/_commands/pack.py:40
    with open(wheel_file_path, "rb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #9bd6a5057c246fad Filesystem access.
pkgs/python/[email protected]/setuptools/_vendor/wheel/_commands/pack.py:60
            with open(wheel_file_path, "wb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #7462e4ffe0c680cd Filesystem access.
pkgs/python/[email protected]/setuptools/_vendor/wheel/_metadata.py:151
    with open(pkginfo_path, encoding="utf-8") as headers:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #7d4f99ba3d664239 Filesystem access.
pkgs/python/[email protected]/setuptools/_vendor/wheel/_metadata.py:160
        with open(requires_path, encoding="utf-8") as requires_file:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #6bf06ee852d5c065 Filesystem access.
pkgs/python/[email protected]/setuptools/_vendor/wheel/macosx_libfile.py:293
    with open(path_to_lib, "rb") as lib_file:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #5d02d376e86a2f1f Environment-variable access.
pkgs/python/[email protected]/setuptools/_vendor/wheel/macosx_libfile.py:419
    if "MACOSX_DEPLOYMENT_TARGET" in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #2deaa3c6342b1dcc Environment-variable access.
pkgs/python/[email protected]/setuptools/_vendor/wheel/macosx_libfile.py:421
            int(x) for x in os.environ["MACOSX_DEPLOYMENT_TARGET"].split(".")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #9569524dbdee70ed Environment-variable access.
pkgs/python/[email protected]/setuptools/_vendor/wheel/macosx_libfile.py:474
        if "MACOSX_DEPLOYMENT_TARGET" in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #4504d7162323704a Environment-variable access.
pkgs/python/[email protected]/setuptools/_vendor/wheel/wheelfile.py:53
    timestamp = int(os.environ.get("SOURCE_DATE_EPOCH", timestamp or time.time()))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #19778b236f2e9abd Filesystem access.
pkgs/python/[email protected]/setuptools/_vendor/wheel/wheelfile.py:185
        with open(filename, "rb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #d8205c40d4987dde Filesystem access.
pkgs/python/[email protected]/setuptools/archive_util.py:133
            with open(target, 'wb') as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #d12d158cc9957fac Filesystem access.
pkgs/python/[email protected]/setuptools/command/bdist_egg.py:71
    with open(pyfile, 'w', encoding="utf-8") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #302e6cb40116d7e9 Filesystem access.
pkgs/python/[email protected]/setuptools/command/bdist_egg.py:212
            with open(native_libs, 'wt', encoding="utf-8") as libs_file:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #41dd4abd9ba16a11 Filesystem access.
pkgs/python/[email protected]/setuptools/command/bdist_egg.py:363
            with open(fn, 'wt', encoding="utf-8") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #2ce09a659a0a41b4 Filesystem access.
pkgs/python/[email protected]/setuptools/command/bdist_egg.py:382
    f = open(filename, 'rb')

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #c42b11688ea49f7f Filesystem access.
pkgs/python/[email protected]/setuptools/command/bdist_wheel.py:475
        with open(wheelfile_path, "wb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #eb22089997167f70 Filesystem access.
pkgs/python/[email protected]/setuptools/command/bdist_wheel.py:575
        with open(dependency_links_path, encoding="utf-8") as dependency_links_file:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #28af185da2bdcfac Environment-variable access.
pkgs/python/[email protected]/setuptools/command/build_ext.py:160
        so_ext = os.getenv('SETUPTOOLS_EXT_SUFFIX')

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #90636fa89fb1d398 Filesystem access.
pkgs/python/[email protected]/setuptools/command/build_ext.py:354
        with open(stub_file, 'w', encoding="utf-8") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #7f578694e38b9b95 Filesystem access.
pkgs/python/[email protected]/setuptools/command/build_py.py:192
            files = manifest.read_text(encoding="utf-8").splitlines()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #67d8262e52d9425a Filesystem access.
pkgs/python/[email protected]/setuptools/command/build_py.py:261
        with open(init_py, 'rb') as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #54fcb9c4d6dd34d8 Environment-variable access.
pkgs/python/[email protected]/setuptools/command/easy_install.py:18
            sys_executable=os.environ.get(

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #bb6afb9d6ea80f40 Environment-variable access.
pkgs/python/[email protected]/setuptools/command/easy_install.py:18
            sys_executable=os.environ.get(
                "__PYVENV_LAUNCHER__", os.path.normpath(sys.executable)
            ),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #be78824d7bd70b43 Filesystem access.
pkgs/python/[email protected]/setuptools/command/editable_wheel.py:601
        path1.write_text("file1", encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #236298cdcbbaf092 Filesystem access.
pkgs/python/[email protected]/setuptools/command/editable_wheel.py:604
            if path2.is_symlink() and path2.read_text(encoding="utf-8") == "file1":

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #cb1bcd6a5fc01f47 Filesystem access.
pkgs/python/[email protected]/setuptools/command/egg_info.py:309
        f = open(filename, 'wb')

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f732302198c5f87a Filesystem access.
pkgs/python/[email protected]/setuptools/command/egg_info.py:671
    with open(filename, "wb") as f:  # always write POSIX-style manifest

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f20ddeeeac56264e Filesystem access.
pkgs/python/[email protected]/setuptools/command/install_scripts.py:64
        with open(target, "w" + mode, encoding=encoding) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #d795ded7d9ccaab9 Filesystem access.
pkgs/python/[email protected]/setuptools/command/sdist.py:195
        with open(self.manifest, 'rb') as fp:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #35c43c51cf346f64 Filesystem access.
pkgs/python/[email protected]/setuptools/command/sdist.py:205
        manifest = open(self.manifest, 'rb')

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #7ee11535f1f08d57 Filesystem access.
pkgs/python/[email protected]/setuptools/command/setopt.py:67
    with open(filename, 'w', encoding="utf-8") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #867d80670a7033b5 Environment-variable access.
pkgs/python/[email protected]/setuptools/config/_validate_pyproject/error_reporting.py:81
        debug_code = os.getenv("JSONSCHEMA_DEBUG_CODE_GENERATION", "false").lower()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress dependency Excluded from app score #c8934f53c51e2422 Hardcoded external endpoint. Review what data is sent to this destination.
pkgs/python/[email protected]/setuptools/config/_validate_pyproject/formats.py:158
    with urlopen(url, context=context) as response:  # noqa: S310 (audit URLs)

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs dependency Excluded from app score #b4ade77bc4e85bb6 Environment-variable access.
pkgs/python/[email protected]/setuptools/config/_validate_pyproject/formats.py:192
        if os.getenv("NO_NETWORK") or os.getenv("VALIDATE_PYPROJECT_NO_NETWORK"):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #6590b78bb09416fc Filesystem access.
pkgs/python/[email protected]/setuptools/config/expand.py:57
        module = ast.parse(pathlib.Path(spec.origin).read_bytes())  # type: ignore[arg-type] # Let it raise an error on None

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #e01efc885fb8c967 Filesystem access.
pkgs/python/[email protected]/setuptools/config/expand.py:142
    with open(filepath, encoding='utf-8') as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #4cb2f7bece584585 Filesystem access.
pkgs/python/[email protected]/setuptools/config/pyprojecttoml.py:39
    with open(filepath, "rb") as file:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #e4d270a89bf1c92a Filesystem access.
pkgs/python/[email protected]/setuptools/dist.py:586
            with open(filename, encoding='utf-8') as reader:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #e11a423fac80052c Filesystem access.
pkgs/python/[email protected]/setuptools/dist.py:820
            with open(readme_txt_filename, 'w', encoding="utf-8") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #1043d628963ab3d8 Environment-variable access.
pkgs/python/[email protected]/setuptools/installer.py:82
    quiet = 'PIP_QUIET' not in os.environ and 'PIP_VERBOSE' not in os.environ

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #398e5d955d7ece09 Environment-variable access.
pkgs/python/[email protected]/setuptools/installer.py:83
    if 'PIP_INDEX_URL' in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #a2227a2969bbba8c Filesystem access.
pkgs/python/[email protected]/setuptools/msvc.py:462
                with open(state_path, 'rt', encoding='utf-8') as state_file:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #ed659442a139eae0 Filesystem access.
pkgs/python/[email protected]/setuptools/namespaces.py:23
        with open(filename, 'wt', encoding=py312.PTH_ENCODING) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #cf442bc9626d9e94 Filesystem access.
pkgs/python/[email protected]/setuptools/unicode_utils.py:73
        with open(file, "r", encoding="utf-8") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #7bcdf09f6349b255 Filesystem access.
pkgs/python/[email protected]/setuptools/unicode_utils.py:77
        with open(file, "r", encoding=fallback_encoding) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #7516ebd69ae1c9dc Environment-variable access.
pkgs/python/[email protected]/setuptools/warnings.py:109
    enforce = os.getenv("SETUPTOOLS_ENFORCE_DEPRECATION", "false").lower()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #3178ce3a38a1b1c8 Filesystem access.
pkgs/python/[email protected]/setuptools/wheel.py:261
                    with open(mod_init, 'w', encoding="utf-8") as fp:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #0a5ef02491852c04 Environment-variable access.
pkgs/python/[email protected]/tools/build_launchers.py:102
        os.environ['ProgramFiles(x86)'],

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #575c7ca5f7db1aab Filesystem access.
pkgs/python/[email protected]/tools/finalize.py:39
    changelog = changelog_fn.read_text(encoding='utf-8')

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #75bbdbdec6df876a Filesystem access.
pkgs/python/[email protected]/tools/finalize.py:41
    changelog_fn.write_text(fixed, encoding='utf-8')

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

sqlalchemy

python dependency
expand_more 28 low-confidence finding(s)
low env_fs dependency Excluded from app score #0fe78f050d60ed34 Filesystem access.
pkgs/python/[email protected]/lib/sqlalchemy/testing/fixtures/mypy.py:42
            with open(
                Path(cachedir) / "sqla_mypy_config.cfg", "w"
            ) as config_file:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #6c1ec9cd768be185 Filesystem access.
pkgs/python/[email protected]/lib/sqlalchemy/testing/fixtures/mypy.py:56
            with open(
                Path(cachedir) / "plain_mypy_config.cfg", "w"
            ) as config_file:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #a4658bf0bcc569c2 Environment-variable access.
pkgs/python/[email protected]/lib/sqlalchemy/testing/fixtures/mypy.py:106
            os.environ.pop("MYPY_FORCE_COLOR", None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #a07ecb3386716f8f Filesystem access.
pkgs/python/[email protected]/lib/sqlalchemy/testing/fixtures/mypy.py:146
        with open(path) as file_:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #7cbe759669c869c5 Environment-variable access.
pkgs/python/[email protected]/lib/sqlalchemy/testing/plugin/plugin_base.py:398
    if os.environ.get("REQUIRE_SQLALCHEMY_CEXT", "0") == "1":

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #cace0bd05d7fa639 Filesystem access.
pkgs/python/[email protected]/lib/sqlalchemy/testing/plugin/plugin_base.py:455
            with open(options.write_idents, "a") as file_:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #7122f70f426fb164 Environment-variable access.
pkgs/python/[email protected]/lib/sqlalchemy/testing/plugin/pytestplugin.py:880
        return os.environ.get("PYTEST_CURRENT_TEST")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #1bff6a030f3e2d43 Filesystem access.
pkgs/python/[email protected]/lib/sqlalchemy/testing/profiling.py:200
            profile_f = open(self.fname)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #14ee63bd80cd5950 Filesystem access.
pkgs/python/[email protected]/lib/sqlalchemy/testing/profiling.py:219
        profile_f = open(self.fname, "w")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #a4ef88bb22c06ae3 Filesystem access.
pkgs/python/[email protected]/lib/sqlalchemy/testing/provision.py:453
    with open(idents_file) as file_:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #9eb8455c17b4fb1d Environment-variable access.
pkgs/python/[email protected]/lib/sqlalchemy/util/_has_cy.py:27
    if os.environ.get("DISABLE_SQLALCHEMY_CEXT_RUNTIME"):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #b34c60bf46e3e933 Filesystem access.
pkgs/python/[email protected]/lib/sqlalchemy/util/tool_support.py:134
            Path(destination_path).write_text(
                text, encoding="utf-8", newline="\n"
            )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #8e47b6da57a4aabf Filesystem access.
pkgs/python/[email protected]/lib/sqlalchemy/util/tool_support.py:146
            with open(tempfile) as tf:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #6a8823cd49accfd0 Filesystem access.
pkgs/python/[email protected]/lib/sqlalchemy/util/tool_support.py:162
            with open(source_file, encoding="utf-8") as tf:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #063d28c0d2ea0322 Filesystem access.
pkgs/python/[email protected]/lib/sqlalchemy/util/tool_support.py:169
        with open(destination_path, encoding="utf-8") as dp:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #00683f58bbca0bd1 Environment-variable access.
pkgs/python/[email protected]/noxfile.py:95
    cmd.extend(os.environ.get(dburl_env, default_dburl).split())

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #881e662a37bc8ef5 Environment-variable access.
pkgs/python/[email protected]/noxfile.py:106
    env_dbdrivers = os.environ.get(extra_driver_env, None)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f31de70e7e03b797 Environment-variable access.
pkgs/python/[email protected]/noxfile.py:269
    cmd.extend(os.environ.get("TOX_WORKERS", "-n4").split())

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #09ecccc9845f068e Environment-variable access.
pkgs/python/[email protected]/setup.py:23
DISABLE_EXTENSION = bool(os.environ.get("DISABLE_SQLALCHEMY_CEXT"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #2631a72fd39dc3d5 Environment-variable access.
pkgs/python/[email protected]/setup.py:24
REQUIRE_EXTENSION = bool(os.environ.get("REQUIRE_SQLALCHEMY_CEXT"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #f63e8c818d777363 Filesystem access.
pkgs/python/[email protected]/tools/format_docs_code.py:155
    original = file.read_text("utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #b0476245ccb9125f Filesystem access.
pkgs/python/[email protected]/tools/format_docs_code.py:313
                file.write_text(updated, "utf-8", newline="\n")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #fc72011986858317 Filesystem access.
pkgs/python/[email protected]/tools/generate_proxy_methods.py:145
    with open(fn.__code__.co_filename) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #66cb45872f22618b Filesystem access.
pkgs/python/[email protected]/tools/generate_proxy_methods.py:373
        open(filename) as orig_py,

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #95b1abbe55701192 Filesystem access.
pkgs/python/[email protected]/tools/generate_sql_functions.py:38
        open(filename) as orig_py,

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #3d647dc765ef73fa Filesystem access.
pkgs/python/[email protected]/tools/generate_tuple_map_overloads.py:53
        open(filename) as orig_py,

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #1e79dcad5379a9ba Filesystem access.
pkgs/python/[email protected]/tools/normalize_file_headers.py:27
    content = file.read_text("utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #528a440133d24fc3 Filesystem access.
pkgs/python/[email protected]/tools/sync_test_files.py:35
    source_data = Path(source).read_text().replace(remove_str, "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

sqlmodel

python dependency
expand_more 24 low-confidence finding(s)
low env_fs tooling Excluded from app score unreachable #d360aa9bf158d6be Filesystem access.
pkgs/python/[email protected]/scripts/add_latest_release_date.py:12
    with open(RELEASE_NOTES_FILE) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #36539642ea58e17b Filesystem access.
pkgs/python/[email protected]/scripts/add_latest_release_date.py:31
        with open(RELEASE_NOTES_FILE, "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #8d94b127872a82c7 Environment-variable access.
pkgs/python/[email protected]/scripts/docs.py:26
    os.environ["DYLD_FALLBACK_LIBRARY_PATH"] = "/opt/homebrew/lib"

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #54b8b96d7de0bb01 Filesystem access.
pkgs/python/[email protected]/scripts/docs.py:43
    content = en_index.read_text("utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #67cfb9943b9121ae Filesystem access.
pkgs/python/[email protected]/scripts/docs.py:48
    sponsors = yaml.safe_load(sponsors_data_path.read_text(encoding="utf-8"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #190ae551b414b2d8 Filesystem access.
pkgs/python/[email protected]/scripts/docs.py:79
    readme_path.write_text(new_content, encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #54eec7a3402e232f Filesystem access.
pkgs/python/[email protected]/scripts/docs.py:90
    readme_content = readme_path.read_text("utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #7beeeb7f05fe628b Environment-variable access.
pkgs/python/[email protected]/scripts/docs.py:114
    subprocess.run(args, env={**os.environ, "LINENUMS": "true"}, check=True)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #6cd7400a5803af72 Filesystem access.
pkgs/python/[email protected]/scripts/docs.py:159
    base_content = file_path.read_text(encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #c578cb79c0d31396 Filesystem access.
pkgs/python/[email protected]/scripts/docs.py:207
        version_file.write_text(content_format, encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #e1756e958471f911 Filesystem access.
pkgs/python/[email protected]/scripts/docs.py:263
        content = md_file.read_text(encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #9cdb34a7174d3754 Filesystem access.
pkgs/python/[email protected]/scripts/docs.py:270
            md_file.write_text(new_content, encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #642a5c48f8297599 Filesystem access.
pkgs/python/[email protected]/scripts/docs.py:285
        all_docs_content += md_file.read_text(encoding="utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #1987b68bfa72e50a Filesystem access.
pkgs/python/[email protected]/scripts/generate_select.py:46
template: Template = Template(template_path.read_text())

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #46629b4b63597052 Filesystem access.
pkgs/python/[email protected]/scripts/generate_select.py:57
current_content = destiny_path.read_text()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #fe7545e1c20e654c Environment-variable access.
pkgs/python/[email protected]/scripts/generate_select.py:59
if current_content != result and os.getenv("CHECK_JINJA"):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #8dfadf4bfd3a7298 Filesystem access.
pkgs/python/[email protected]/scripts/generate_select.py:64
destiny_path.write_text(result)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #775b77020c2a502c Filesystem access.
pkgs/python/[email protected]/scripts/prepare_release.py:139
    version_file_content = version_file.read_text()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #d70d056f0a7e73dc Filesystem access.
pkgs/python/[email protected]/scripts/prepare_release.py:140
    release_notes_content = release_notes_file.read_text()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #abfdbc0c7e90ea49 Filesystem access.
pkgs/python/[email protected]/scripts/prepare_release.py:145
    version_file.write_text(
        update_version_file(version_file_content, version, version_file)
    )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #58b380a2961a4b6a Filesystem access.
pkgs/python/[email protected]/scripts/prepare_release.py:148
    release_notes_file.write_text(
        update_release_notes(
            release_notes_content, version, parsed_release_date, release_notes_file
        )
    )

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #c4c37844ba8d102f Filesystem access.
pkgs/python/[email protected]/scripts/prepare_release.py:171
    typer.echo(get_current_version(version_file.read_text(), version_file))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #e5212cf0f02bc65d Filesystem access.
pkgs/python/[email protected]/scripts/prepare_release.py:199
    version = get_current_version(version_file.read_text(), version_file)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #5ef3ee84bd8296e2 Filesystem access.
pkgs/python/[email protected]/scripts/prepare_release.py:202
            release_notes_file.read_text(), version, release_notes_file

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

structlog

python dependency
expand_more 4 low-confidence finding(s)
low env_fs tooling Excluded from app score unreachable #a2e2f33baa43686b Environment-variable access.
pkgs/python/[email protected]/docs/conf.py:12
html_baseurl = os.environ.get("READTHEDOCS_CANONICAL_URL", "")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #f606a29ae6230237 Environment-variable access.
pkgs/python/[email protected]/docs/conf.py:15
if os.environ.get("READTHEDOCS", "") == "True":

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #c255281675496e51 Environment-variable access.
pkgs/python/[email protected]/src/structlog/_config.py:34
_no_colors = os.environ.get("NO_COLOR", "") != ""

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #cb76560597a0e56d Environment-variable access.
pkgs/python/[email protected]/src/structlog/_config.py:35
_force_colors = os.environ.get("FORCE_COLOR", "") != ""

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

upstash-vector

python dependency
expand_more 6 low-confidence finding(s)
low env_fs dependency Excluded from app score #6bbe320bacb91596 Environment-variable access.
pkgs/python/[email protected]/upstash_vector/client.py:64
            environ["UPSTASH_VECTOR_REST_URL"],

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #825ddc1e04314375 Environment-variable access.
pkgs/python/[email protected]/upstash_vector/client.py:65
            environ["UPSTASH_VECTOR_REST_TOKEN"],

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #aee25054664e5b4b Environment-variable access.
pkgs/python/[email protected]/upstash_vector/client.py:125
            environ["UPSTASH_VECTOR_REST_URL"],

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #69585f11463a11cb Environment-variable access.
pkgs/python/[email protected]/upstash_vector/client.py:126
            environ["UPSTASH_VECTOR_REST_TOKEN"],

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #c74c0e4a0643847e Environment-variable access.
pkgs/python/[email protected]/upstash_vector/http.py:19
    if os.getenv("VERCEL"):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #662a2599e78e0fa0 Environment-variable access.
pkgs/python/[email protected]/upstash_vector/http.py:21
    elif os.getenv("AWS_REGION"):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

uvicorn

python dependency
expand_more 5 low-confidence finding(s)
low env_fs dependency Excluded from app score #8b6f789ef9a62481 Environment-variable access.
pkgs/python/[email protected]/uvicorn/config.py:351
        if workers is None and "WEB_CONCURRENCY" in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #b36752bf99fc7a22 Environment-variable access.
pkgs/python/[email protected]/uvicorn/config.py:352
            self.workers = int(os.environ["WEB_CONCURRENCY"])

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #d3fd3d58fd82f06c Environment-variable access.
pkgs/python/[email protected]/uvicorn/config.py:356
            self.forwarded_allow_ips = os.environ.get("FORWARDED_ALLOW_IPS", "127.0.0.1")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #b5a6eb9194ec7442 Filesystem access.
pkgs/python/[email protected]/uvicorn/config.py:393
                with open(self.log_config) as file:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #8bf98f12e2884afb Filesystem access.
pkgs/python/[email protected]/uvicorn/config.py:404
                with open(self.log_config) as file:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

validators

python dependency
expand_more 2 low-confidence finding(s)
low env_fs dependency Excluded from app score #80402b95ff6ccdc2 Environment-variable access.
pkgs/python/[email protected]/src/validators/domain.py:33
            if environ.get("PYVLD_CACHE_TLD") == "True":

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #5f41d57e27592267 Environment-variable access.
pkgs/python/[email protected]/src/validators/utils.py:79
        if environ.get("RAISE_VALIDATION_ERROR", "False") == "True":

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

weaviate-client

python dependency
expand_more 32 low-confidence finding(s)
low env_fs dependency Excluded from app score #7ae17cdb0918452d Environment-variable access.
pkgs/python/[email protected]/integration/conftest.py:358
        api_key = os.environ.get("OPENAI_APIKEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #ae56f052bff1375c Environment-variable access.
pkgs/python/[email protected]/integration/conftest.py:405
        api_key = os.environ.get("OPENAI_APIKEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #708831d02eb586ee Environment-variable access.
pkgs/python/[email protected]/integration/test_auth.py:47
    client_secret = os.environ.get(env_variable_name)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #e993e75003a72aba Environment-variable access.
pkgs/python/[email protected]/integration/test_auth.py:101
    pw = os.environ.get(env_variable_name)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #c1641ad39ea4d19c Environment-variable access.
pkgs/python/[email protected]/integration/test_auth.py:188
    pw = os.environ.get(env_variable_name)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #ad4779535779d54b Environment-variable access.
pkgs/python/[email protected]/integration/test_auth.py:207
    pw = os.environ.get("OKTA_DUMMY_CI_PW")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #d553e56113cbc986 Environment-variable access.
pkgs/python/[email protected]/integration/test_client.py:700
    with mock.patch.dict(os.environ, {"PYPI_PACKAGE_URL": "http://does-not-exist"}):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #c9177437da4d2027 Environment-variable access.
pkgs/python/[email protected]/integration/test_client.py:707
    with mock.patch.dict(os.environ, {"PYPI_PACKAGE_URL": "http://does-not-exist"}):

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #6721c6d87b88ab13 Environment-variable access.
pkgs/python/[email protected]/integration/test_collection_openai.py:584
    api_key = os.environ.get("COHERE_APIKEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #7af6acb9aff8440f Environment-variable access.
pkgs/python/[email protected]/integration/test_collection_openai.py:750
    api_key = os.environ.get("CONTEXTUAL_API_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #ee7ec54f4890000b Environment-variable access.
pkgs/python/[email protected]/integration/test_collection_openai.py:794
    api_key = os.environ.get("CONTEXTUAL_API_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #a19b2d661b102c80 Environment-variable access.
pkgs/python/[email protected]/integration/test_collection_openai.py:837
    contextual_api_key = os.environ.get("CONTEXTUAL_API_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #aae173b2d87c0afb Environment-variable access.
pkgs/python/[email protected]/integration/test_collection_rerank.py:31
    api_key = os.environ.get("COHERE_APIKEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #cbd86ba8914b56d7 Environment-variable access.
pkgs/python/[email protected]/integration/test_collection_rerank.py:85
    api_key = os.environ.get("COHERE_APIKEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #06fbec1be2c7d0a7 Environment-variable access.
pkgs/python/[email protected]/integration/test_collection_rerank.py:145
    api_key = os.environ.get("CONTEXTUAL_API_KEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #405bc8c13ef4e1a4 Environment-variable access.
pkgs/python/[email protected]/integration/test_vectors.py:866
    api_key = os.environ.get("JINAAI_APIKEY")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #837dc417204f0571 Filesystem access.
pkgs/python/[email protected]/profiling/test_shutdown.py:48
    with open("uuids.json", "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #bec457ab33256afb Filesystem access.
pkgs/python/[email protected]/profiling/test_sphere.py:33
        with open(sphere_file) as jsonl_file:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #ff645367362bc6a9 Filesystem access.
pkgs/python/[email protected]/profiling/test_sphere.py:82
        with open(sphere_file) as jsonl_file:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs tooling Excluded from app score unreachable #03bcbe80f28e3a7a Filesystem access.
pkgs/python/[email protected]/tools/stubs.py:177
            with open(file, "w") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #a4d0895cb42ca5c4 Environment-variable access.
pkgs/python/[email protected]/weaviate/__init__.py:50
os.environ["GRPC_VERBOSITY"] = "ERROR"  # https://github.com/danielmiessler/fabric/discussions/754

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #3d41ec4257ad9a9b Environment-variable access.
pkgs/python/[email protected]/weaviate/collections/batch/base.py:61
    os.getenv("WEAVIATE_BATCH_MAX_RETRIES", "9.299")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #d340ed4b1e687403 Environment-variable access.
pkgs/python/[email protected]/weaviate/connect/base.py:202
    http_proxy = (os.environ.get("HTTP_PROXY"), os.environ.get("http_proxy"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #08f603e4139ea860 Environment-variable access.
pkgs/python/[email protected]/weaviate/connect/base.py:203
    https_proxy = (os.environ.get("HTTPS_PROXY"), os.environ.get("https_proxy"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #e853da757166b6e7 Environment-variable access.
pkgs/python/[email protected]/weaviate/connect/base.py:204
    grpc_proxy = (os.environ.get("GRPC_PROXY"), os.environ.get("grpc_proxy"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #df884353cda799a0 Environment-variable access.
pkgs/python/[email protected]/weaviate/embedded.py:38
    persistence_data_path: str = os.environ.get("XDG_DATA_HOME", DEFAULT_PERSISTENCE_DATA_PATH)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #14481fc7953d8fdd Environment-variable access.
pkgs/python/[email protected]/weaviate/embedded.py:39
    binary_path: str = os.environ.get("XDG_CACHE_HOME", DEFAULT_BINARY_PATH)

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low egress dependency Excluded from app score #b182f0ad89ac24e7 Hardcoded external endpoint. Review what data is sent to this destination.
pkgs/python/[email protected]/weaviate/embedded.py:91
            response = httpx.get("https://api.github.com/repos/weaviate/weaviate/releases/latest")

Data is sent to a hardcoded external endpoint; review what leaves the process.

Fix: Verify the destination and that only non-sensitive data is sent; pin and audit the dependency.

low env_fs dependency Excluded from app score #6e9187542c7a98b2 Environment-variable access.
pkgs/python/[email protected]/weaviate/embedded.py:205
        my_env = os.environ.copy()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #c1de1394395d5f7a Environment-variable access.
pkgs/python/[email protected]/weaviate/logger.py:5
logger.setLevel(os.getenv("WEAVIATE_LOG_LEVEL", "INFO"))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #322e95ecde2b1df1 Filesystem access.
pkgs/python/[email protected]/weaviate/util.py:83
        with open(image_or_image_path, "br") as file:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #19fb2bfb3a9efd1d Filesystem access.
pkgs/python/[email protected]/weaviate/util.py:126
            file = open(file_or_file_path, "br")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

webrtcvad

python dependency
expand_more 2 low-confidence finding(s)
low env_fs dependency Excluded from app score #8a21bbd72d6b532e Filesystem access.
pkgs/python/[email protected]/setup.py:38
with open(os.path.join(here, 'README.rst')) as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #8efe978263d0c235 Filesystem access.
pkgs/python/[email protected]/test_webrtcvad.py:59
        with open('test-audio.raw', 'rb') as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

wheel

python dependency
expand_more 18 low-confidence finding(s)
low env_fs tooling Excluded from app score unreachable #17cb5fb1af282927 Filesystem access.
pkgs/python/[email protected]/docs/conf.py:52
with open(
    os.path.join(here, "..", "src", "wheel", "__init__.py"), encoding="utf8"
) as version_file:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #0a5a6588e77d04ab Filesystem access.
pkgs/python/[email protected]/src/wheel/_bdist_wheel.py:492
        with open(wheelfile_path, "wb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #0beb2c54ddf88ab9 Filesystem access.
pkgs/python/[email protected]/src/wheel/_bdist_wheel.py:598
            with open(dependency_links_path, encoding="utf-8") as dependency_links_file:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #4d8acc1b2ff2ac2e Filesystem access.
pkgs/python/[email protected]/src/wheel/_bdist_wheel.py:609
        with open(pkg_info_path, "w", encoding="utf-8") as out:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #9298959735b8c0da Filesystem access.
pkgs/python/[email protected]/src/wheel/_commands/convert.py:171
                        requires = path.read_text("utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #3c08483ca903c628 Filesystem access.
pkgs/python/[email protected]/src/wheel/_commands/convert.py:174
                        pkginfo = path.read_text("utf-8")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #6454b314c430c551 Filesystem access.
pkgs/python/[email protected]/src/wheel/_commands/convert.py:184
                            path.read_bytes(),

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #5c0ed609fcb884cc Filesystem access.
pkgs/python/[email protected]/src/wheel/_commands/convert.py:190
                yield str(path.relative_to(self.path)), path.read_bytes()

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #4a5473f218566559 Filesystem access.
pkgs/python/[email protected]/src/wheel/_commands/pack.py:40
    with open(wheel_file_path, "rb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #f2785a46479be439 Filesystem access.
pkgs/python/[email protected]/src/wheel/_commands/pack.py:60
            with open(wheel_file_path, "wb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #54ac2e554fc16622 Filesystem access.
pkgs/python/[email protected]/src/wheel/_metadata.py:151
    with open(pkginfo_path, encoding="utf-8") as headers:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #b1efc4a7cfc023a9 Filesystem access.
pkgs/python/[email protected]/src/wheel/_metadata.py:160
        with open(requires_path, encoding="utf-8") as requires_file:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #8c6905d15074ed06 Filesystem access.
pkgs/python/[email protected]/src/wheel/macosx_libfile.py:293
    with open(path_to_lib, "rb") as lib_file:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #40ac1ab9f67406b8 Environment-variable access.
pkgs/python/[email protected]/src/wheel/macosx_libfile.py:419
    if "MACOSX_DEPLOYMENT_TARGET" in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #bbaccd10941cc88d Environment-variable access.
pkgs/python/[email protected]/src/wheel/macosx_libfile.py:421
            int(x) for x in os.environ["MACOSX_DEPLOYMENT_TARGET"].split(".")

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #7416f75b3bed28bc Environment-variable access.
pkgs/python/[email protected]/src/wheel/macosx_libfile.py:474
        if "MACOSX_DEPLOYMENT_TARGET" in os.environ:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #350f81baab9f5d7f Environment-variable access.
pkgs/python/[email protected]/src/wheel/wheelfile.py:53
    timestamp = int(os.environ.get("SOURCE_DATE_EPOCH", timestamp or time.time()))

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

low env_fs dependency Excluded from app score #fe6618969b51758e Filesystem access.
pkgs/python/[email protected]/src/wheel/wheelfile.py:196
        with open(filename, "rb") as f:

Reads environment variables or the filesystem — an inventory-level capability, not a leak on its own.

Fix: Usually benign; confirm any secret read here is not later sent externally.

Skipped dependencies

Production

  • langflow-base prod — no sdist (wheels only)
  • lfx-duckduckgo prod — no sdist (wheels only)
  • lfx-arxiv prod — no sdist (wheels only)
  • lfx-ibm prod — no sdist (wheels only)
  • lfx-docling prod — no sdist (wheels only)
  • lfx prod — no sdist (wheels only)
  • langchain-community prod — sdist exceeds byte cap
  • pillow prod — sdist exceeds byte cap
  • spider-client prod — no sdist (wheels only)
  • scipy prod — sdist exceeds byte cap
  • faiss-cpu prod — no sdist (wheels only)
  • beautifulsoup4 prod — scan budget exceeded
  • google-search-results prod — scan budget exceeded
  • wikipedia prod — scan budget exceeded
  • fake-useragent prod — scan budget exceeded
  • ddgs prod — scan budget exceeded
  • yfinance prod — scan budget exceeded
  • wolframalpha prod — scan budget exceeded
  • pyarrow prod — scan budget exceeded
  • fastavro prod — scan budget exceeded
  • GitPython prod — scan budget exceeded
  • nltk prod — scan budget exceeded
  • lark prod — scan budget exceeded
  • huggingface-hub prod — scan budget exceeded
  • metaphor-python prod — scan budget exceeded
  • metal_sdk prod — scan budget exceeded
  • MarkupSafe prod — scan budget exceeded
  • langchain-aws prod — scan budget exceeded
  • numexpr prod — scan budget exceeded
  • qianfan prod — scan budget exceeded
  • pgvector prod — scan budget exceeded
  • litellm prod — scan budget exceeded
  • apscheduler prod — scan budget exceeded
  • zep-python prod — scan budget exceeded
  • youtube-transcript-api prod — scan budget exceeded
  • Markdown prod — scan budget exceeded
  • kubernetes prod — scan budget exceeded
  • json_repair prod — scan budget exceeded
  • composio prod — scan budget exceeded
  • composio-langchain prod — scan budget exceeded
  • ragstack-ai-knowledge-store prod — scan budget exceeded
  • opensearch-py prod — scan budget exceeded
  • atlassian-python-api prod — scan budget exceeded
  • mem0ai prod — scan budget exceeded
  • needle-python prod — scan budget exceeded
  • sseclient-py prod — scan budget exceeded
  • openinference-instrumentation-langchain prod — scan budget exceeded
  • ag2 prod — scan budget exceeded
  • apify-client prod — scan budget exceeded
  • agent-lifecycle-toolkit prod — scan budget exceeded
  • toolguard prod — scan budget exceeded
  • langchain-huggingface prod — scan budget exceeded
  • langchain-unstructured prod — scan budget exceeded
  • langchain-graph-retriever prod — scan budget exceeded
  • graph-retriever prod — scan budget exceeded
  • langchain-mcp-adapters prod — scan budget exceeded
  • opik prod — scan budget exceeded
  • traceloop-sdk prod — scan budget exceeded
  • openlayer prod — scan budget exceeded
  • docling-core prod — scan budget exceeded
  • docling-slim prod — scan budget exceeded
  • tiktoken prod — scan budget exceeded
  • langchain-docling prod — scan budget exceeded
  • easyocr prod — scan budget exceeded
  • cleanlab-tlm prod — scan budget exceeded
  • twelvelabs prod — scan budget exceeded
  • jigsawstack prod — scan budget exceeded
  • datasets prod — scan budget exceeded
  • fastparquet prod — scan budget exceeded
  • vlmrun prod — scan budget exceeded
  • cuga prod — scan budget exceeded
  • mlx prod — scan budget exceeded
  • mlx-vlm prod — scan budget exceeded
  • fastmcp prod — scan budget exceeded
  • aioboto3 prod — scan budget exceeded
  • astrapy prod — scan budget exceeded
  • gassist prod — scan budget exceeded
  • ibm-cloud-sdk-core prod — scan budget exceeded