GitHub

microsoft/python-program-analysis

37 forks

53 stars

Description

A Typescript library for parsing Python 3 and doing basic program analysis, like forming control-flow graphs and def-use chains.

Homepage

https://github.com/microsoft/python-program-analysis

Project metadata as of June 3, 2025.

Related Packages

1

A related package is a package that declares this repository in its metadata. The list of packages is ordered by package names alphabetically.

System	Package
npm	@msrvida/python-program-analysis

Show 10 per page

OpenSSF scorecard

The Open Source Security Foundation is a cross-industry collaboration to improve the security of open source software (OSS). The Scorecard provides security health metrics for open source projects.

View information about checks and how to fix failures.

Score

2.6/10

Scorecard as of June 9, 2025.

Maintained

0/10

Determines if the project is "actively maintained".

Reasoning

project is archived

Code-Review

0/10

Determines if the project requires human code review before pull requests (aka merge requests) are merged.

Reasoning

Found 1/28 approved changesets -- score normalized to 0

Binary-Artifacts

10/10

Determines if the project has generated executable (binary) artifacts in the source repository.

Reasoning

no binaries found in the repo

CII-Best-Practices

0/10

Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.

Reasoning

no effort to earn an OpenSSF best practices badge detected

Fuzzing

0/10

Determines if the project uses fuzzing.

Reasoning

project is not fuzzed

License

10/10

Determines if the project has defined a license.

Reasoning

license file detected

Branch-Protection

0/10

Determines if the default and release branches are protected with GitHub's branch protection settings.

Reasoning

branch protection not enabled on development/release branches

Security-Policy

10/10

Determines if the project has published a security policy.

Reasoning

security policy file detected

SAST

0/10

Determines if the project uses static code analysis.

Reasoning

SAST tool is not run on all commits -- score normalized to 0

Vulnerabilities

0/10

Determines if the project has open, known unfixed vulnerabilities.

Reasoning

81 existing vulnerabilities detected

This site uses cookies from Google to deliver its services and to analyze traffic.

Vulnerabilities

Warn: Project is vulnerable to: GHSA-6chw-6frg-f759

Warn: Project is vulnerable to: GHSA-v88g-cgmw-v5xw

Warn: Project is vulnerable to: GHSA-93q8-gq69-wqmw

Warn: Project is vulnerable to: GHSA-fwr7-v2mv-hh25

Warn: Project is vulnerable to: GHSA-qwcr-r2fm-qrc7

Warn: Project is vulnerable to: GHSA-v6h2-p8h4-qcjw

Warn: Project is vulnerable to: GHSA-cwfw-4gq5-mrqx

Warn: Project is vulnerable to: GHSA-g95f-p29q-9xw4

Warn: Project is vulnerable to: GHSA-grv7-fg5c-xmjg

Warn: Project is vulnerable to: GHSA-x9w5-v3q2-3rhw

Warn: Project is vulnerable to: GHSA-pxg6-pf52-xh8x

Warn: Project is vulnerable to: GHSA-3xgq-45jj-v275

Warn: Project is vulnerable to: GHSA-gxpj-cx7g-858c

Warn: Project is vulnerable to: GHSA-w573-4hg7-7wgq

Warn: Project is vulnerable to: GHSA-vh7m-p724-62c2

Warn: Project is vulnerable to: GHSA-r9p9-mrjm-926w

Warn: Project is vulnerable to: GHSA-434g-2637-qmqr

Warn: Project is vulnerable to: GHSA-49q7-c7j4-3p7m

Warn: Project is vulnerable to: GHSA-977x-g7h5-7qgw

Warn: Project is vulnerable to: GHSA-f7q4-pwc6-w24p

Warn: Project is vulnerable to: GHSA-fc9h-whq2-v747

Warn: Project is vulnerable to: GHSA-vjh7-7g9h-fjfh

Warn: Project is vulnerable to: GHSA-j4f2-536g-r55m

Warn: Project is vulnerable to: GHSA-r7qp-cfhv-p84w

Warn: Project is vulnerable to: GHSA-4gmj-3p3h-gm8h

Warn: Project is vulnerable to: GHSA-2j2x-2gpw-g8fm

Warn: Project is vulnerable to: GHSA-74fj-2j2h-c42q

Warn: Project is vulnerable to: GHSA-pw2r-vq6v-hr8c

Warn: Project is vulnerable to: GHSA-jchw-25xp-jwwc

Warn: Project is vulnerable to: GHSA-cxjh-pqwp-8mfp

Warn: Project is vulnerable to: GHSA-8r6j-v8pm-fqw3

Warn: Project is vulnerable to: MAL-2023-462

Warn: Project is vulnerable to: GHSA-4q6p-r6v2-jvc5

Warn: Project is vulnerable to: GHSA-ww39-953v-wcq6

Warn: Project is vulnerable to: GHSA-6x33-pw7p-hmpq

Warn: Project is vulnerable to: GHSA-qqgx-2p2h-9c37

Warn: Project is vulnerable to: GHSA-9c47-m6qq-7p4h

Warn: Project is vulnerable to: GHSA-7x7c-qm48-pq9c

Warn: Project is vulnerable to: GHSA-rc3x-jf5g-xvc5

Warn: Project is vulnerable to: GHSA-6c8f-qphg-qjgp

Warn: Project is vulnerable to: GHSA-76p3-8jx3-jpfq

Warn: Project is vulnerable to: GHSA-3rfm-jhwj-7488

Warn: Project is vulnerable to: GHSA-hhq3-ff78-jv3g

Warn: Project is vulnerable to: GHSA-p6mc-m468-83gw

Warn: Project is vulnerable to: GHSA-29mw-wpgm-hmr9

Warn: Project is vulnerable to: GHSA-35jh-r3h4-6jhm

Warn: Project is vulnerable to: GHSA-82v2-mx6x-wq7q

Warn: Project is vulnerable to: GHSA-952p-6rrq-rcjv

Warn: Project is vulnerable to: GHSA-f8q6-p94x-37v3

Warn: Project is vulnerable to: GHSA-vh95-rmgr-6w4m

Warn: Project is vulnerable to: GHSA-xvch-5gv4-984h

Warn: Project is vulnerable to: GHSA-6fx8-h7jm-663j

Warn: Project is vulnerable to: GHSA-hj48-42vr-x3v9

Warn: Project is vulnerable to: GHSA-g6ww-v8xp-vmwg

Warn: Project is vulnerable to: GHSA-566m-qj78-rww5

Warn: Project is vulnerable to: GHSA-7fh5-64p2-3v2j

Warn: Project is vulnerable to: GHSA-hrpp-h998-j3pp

Warn: Project is vulnerable to: GHSA-c2qf-rxjj-qqgw

Warn: Project is vulnerable to: GHSA-h9rv-jmmf-4pgx

Warn: Project is vulnerable to: GHSA-hxcc-f52p-wc94

Warn: Project is vulnerable to: GHSA-g4rg-993r-mgx7

Warn: Project is vulnerable to: GHSA-fxwf-4rqh-v8g3

Warn: Project is vulnerable to: GHSA-25hc-qcg6-38wj

Warn: Project is vulnerable to: GHSA-xfhh-g9f5-x4m4

Warn: Project is vulnerable to: GHSA-qm95-pgcg-qqfq

Warn: Project is vulnerable to: GHSA-cqmj-92xf-r6r9

Warn: Project is vulnerable to: GHSA-vx3p-948g-6vhq

Warn: Project is vulnerable to: GHSA-3jfq-g458-7qm9

Warn: Project is vulnerable to: GHSA-r628-mhmh-qjhw

Warn: Project is vulnerable to: GHSA-9r2w-394v-53qc

Warn: Project is vulnerable to: GHSA-5955-9wpr-37jh

Warn: Project is vulnerable to: GHSA-qq89-hq3f-393p

Warn: Project is vulnerable to: GHSA-f5x3-32g6-xq36

Warn: Project is vulnerable to: GHSA-4wf5-vphf-c2xc

Warn: Project is vulnerable to: GHSA-mgfv-m47x-4wqp

Warn: Project is vulnerable to: GHSA-wr3j-pwj9-hqq6

Warn: Project is vulnerable to: GHSA-3h5v-q93c-6h6q

Warn: Project is vulnerable to: GHSA-72mh-269x-7mh5

Warn: Project is vulnerable to: GHSA-h4j5-c7cj-74xg

Warn: Project is vulnerable to: GHSA-c4w7-xm78-47vh

Warn: Project is vulnerable to: GHSA-p9pc-299p-vxgp