Jubilant by Web4application · Pull Request #17 · Web4application/enclov-AI

Web4application · 2025-06-20T03:56:53Z

No description provided.

Signed-off-by: Web4 <167559384+Web4application@users.noreply.github.com>

…AppWithLLM.py Signed-off-by: Web4 <167559384+Web4application@users.noreply.github.com>

Signed-off-by: Web4 <167559384+Web4application@users.noreply.github.com>

…WithLLM.py Signed-off-by: Web4 <167559384+Web4application@users.noreply.github.com>

Signed-off-by: Web4 <167559384+Web4application@users.noreply.github.com>

…ewer.yml Signed-off-by: Web4 <167559384+Web4application@users.noreply.github.com>

Signed-off-by: Web4 <167559384+Web4application@users.noreply.github.com>

…ew.yml Signed-off-by: Web4 <167559384+Web4application@users.noreply.github.com>

vercel · 2025-06-20T03:56:58Z

Deployment failed with the following error:

Resource is limited - try again in 22 hours (more than 100, code: "api-deployments-free-per-day").

socket-security · 2025-06-20T03:57:49Z

Review the following changes in direct dependencies. Learn more about Socket for GitHub.

Diff	Package	Supply Chain Security
	npm/next@13.5.2
	pypi/flask-admin@1.5.8
	npm/eslint-config-next@13.5.2
	pypi/webdriver-manager@4.0.1
	pypi/sentencepiece@0.1.98
	pypi/transformers@4.28.1
	pypi/numpy@2.3.0 ⏵ 1.24.3	⁺¹
	pypi/onnxruntime@1.14.1
	pypi/torchvision@0.15.2
	pypi/torch@2.0.1
	pypi/nltk@3.7
	pypi/mypy@1.16.1 ⏵ 1.12.0
	pypi/matplotlib@3.7.1
	pypi/scipy@1.10.1
	pypi/pandas@2.3.0 ⏵ 1.5.3	⁺¹
	npm/react@18.2.0
	pypi/pillow@9.5.0
	pypi/pytest@8.4.1 ⏵ 7.4.4	⁺⁴
	pypi/keras@2.12.0
	pypi/tensorflow@2.11.1
	pypi/black@25.1.0 ⏵ 23.3.0	⁺³
	npm/typescript@5.1.6
	pypi/pyodide-build@0.24.1
	pypi/petals@2.2.0.post1
	npm/react-dom@18.2.0
	pypi/scikit-learn@1.2.2
	pypi/pygithub@2.6.1
	pypi/sagemaker@2.59.3
	pypi/kubernetes@26.1.0
See 39 more rows in the dashboard

View full report

socket-security · 2025-06-20T03:57:51Z

Warning

Review the following alerts detected in dependencies.

According to your organization's Security Policy, it is recommended to resolve "Warn" alerts. Learn more about Socket for GitHub.

Action	Severity	Alert (click for details)
Warn		`npm/next@13.5.2` has a Critical CVE. CVE: GHSA-f82v-jwr5-mffw Authorization Bypass in Next.js Middleware (CRITICAL) Affected versions: >= 13.0.0 < 13.5.9; >= 14.0.0 < 14.2.25; >= 15.0.0 < 15.2.3; >= 11.1.4 < 12.3.5 Patched version: 12.3.5 From: frontend/package.json → `npm/next@13.5.2` ℹ Read more on: This package \| This alert \| What is a critical CVE? Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at `support@socket.dev`. Suggestion: Remove or replace dependencies that include known critical CVEs. Consumers can use dependency overrides or npm audit fix --force to remove vulnerable dependencies. Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment `@SocketSecurity ignore npm/next@13.5.2`. You can also ignore all packages with `@SocketSecurity ignore-all`. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.
Warn		`npm/caniuse-lite@1.0.30001723` has a License Policy Violation. License: CC-BY-4.0 (npm metadata) License: CC-BY-4.0 (package/LICENSE) License: CC-BY-4.0 (package/package.json) From: `?` → `npm/next@13.5.2` → `npm/caniuse-lite@1.0.30001723` ℹ Read more on: This package \| This alert \| What is a license policy violation? Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at `support@socket.dev`. Suggestion: Find a package that does not violate your license policy or adjust your policy to allow this package's license. Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment `@SocketSecurity ignore npm/caniuse-lite@1.0.30001723`. You can also ignore all packages with `@SocketSecurity ignore-all`. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.
Warn		`npm/typescript@5.1.6` has a License Policy Violation. License: CC-BY-4.0 (package/ThirdPartyNoticeText.txt) License: MIT-Khronos-old (package/ThirdPartyNoticeText.txt) From: frontend/package.json → `npm/typescript@5.1.6` ℹ Read more on: This package \| This alert \| What is a license policy violation? Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at `support@socket.dev`. Suggestion: Find a package that does not violate your license policy or adjust your policy to allow this package's license. Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment `@SocketSecurity ignore npm/typescript@5.1.6`. You can also ignore all packages with `@SocketSecurity ignore-all`. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.
Warn		`pypi/matplotlib@3.7.1` has a License Policy Violation. License: Bitstream-Vera (matplotlib/mpl-data/fonts/ttf/LICENSE_DEJAVU) License: OFL-1.1 (matplotlib/mpl-data/fonts/ttf/LICENSE_STIX) License: Qhull (matplotlib-3.7.1.dist-info/LICENSE_QHULL) License: Bitstream-Charter (matplotlib-3.7.1.dist-info/LICENSE_COURIERTEN) License: OFL-1.1 (matplotlib-3.7.1.dist-info/LICENSE_CARLOGO) License: OFL-1.1 (matplotlib-3.7.1.dist-info/LICENSE_AMSFONTS) License: OFL-1.1 (matplotlib-3.7.1.dist-info/LICENSE_AMSFONTS) License: OFL-1.1 (matplotlib-3.7.1.dist-info/LICENSE_AMSFONTS) From: requirements.txt → `pypi/matplotlib@3.7.1` ℹ Read more on: This package \| This alert \| What is a license policy violation? Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at `support@socket.dev`. Suggestion: Find a package that does not violate your license policy or adjust your policy to allow this package's license. Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment `@SocketSecurity ignore pypi/matplotlib@3.7.1`. You can also ignore all packages with `@SocketSecurity ignore-all`. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.
Warn		`pypi/matplotlib@3.7.1` has a License Policy Violation. License: Bitstream-Vera (matplotlib/mpl-data/fonts/ttf/LICENSE_DEJAVU) License: OFL-1.1 (matplotlib/mpl-data/fonts/ttf/LICENSE_STIX) License: Qhull (matplotlib-3.7.1.dist-info/LICENSE_QHULL) License: Bitstream-Charter (matplotlib-3.7.1.dist-info/LICENSE_COURIERTEN) License: OFL-1.1 (matplotlib-3.7.1.dist-info/LICENSE_CARLOGO) License: OFL-1.1 (matplotlib-3.7.1.dist-info/LICENSE_AMSFONTS) License: OFL-1.1 (matplotlib-3.7.1.dist-info/LICENSE_AMSFONTS) License: OFL-1.1 (matplotlib-3.7.1.dist-info/LICENSE_AMSFONTS) From: requirements.txt → `pypi/matplotlib@3.7.1` ℹ Read more on: This package \| This alert \| What is a license policy violation? Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at `support@socket.dev`. Suggestion: Find a package that does not violate your license policy or adjust your policy to allow this package's license. Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment `@SocketSecurity ignore pypi/matplotlib@3.7.1`. You can also ignore all packages with `@SocketSecurity ignore-all`. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.
Warn		`pypi/matplotlib@3.7.1` has a License Policy Violation. License: Bitstream-Vera (matplotlib/mpl-data/fonts/ttf/LICENSE_DEJAVU) License: OFL-1.1 (matplotlib/mpl-data/fonts/ttf/LICENSE_STIX) License: Qhull (matplotlib-3.7.1.dist-info/LICENSE_QHULL) License: Bitstream-Charter (matplotlib-3.7.1.dist-info/LICENSE_COURIERTEN) License: OFL-1.1 (matplotlib-3.7.1.dist-info/LICENSE_CARLOGO) License: OFL-1.1 (matplotlib-3.7.1.dist-info/LICENSE_AMSFONTS) License: OFL-1.1 (matplotlib-3.7.1.dist-info/LICENSE_AMSFONTS) License: OFL-1.1 (matplotlib-3.7.1.dist-info/LICENSE_AMSFONTS) From: requirements.txt → `pypi/matplotlib@3.7.1` ℹ Read more on: This package \| This alert \| What is a license policy violation? Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at `support@socket.dev`. Suggestion: Find a package that does not violate your license policy or adjust your policy to allow this package's license. Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment `@SocketSecurity ignore pypi/matplotlib@3.7.1`. You can also ignore all packages with `@SocketSecurity ignore-all`. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.
Warn		`pypi/matplotlib@3.7.1` has a License Policy Violation. License: Bitstream-Vera (matplotlib/mpl-data/fonts/ttf/LICENSE_DEJAVU) License: OFL-1.1 (matplotlib/mpl-data/fonts/ttf/LICENSE_STIX) License: Qhull (matplotlib-3.7.1.dist-info/LICENSE_QHULL) License: Bitstream-Charter (matplotlib-3.7.1.dist-info/LICENSE_COURIERTEN) License: OFL-1.1 (matplotlib-3.7.1.dist-info/LICENSE_CARLOGO) License: OFL-1.1 (matplotlib-3.7.1.dist-info/LICENSE_AMSFONTS) License: OFL-1.1 (matplotlib-3.7.1.dist-info/LICENSE_AMSFONTS) License: OFL-1.1 (matplotlib-3.7.1.dist-info/LICENSE_AMSFONTS) From: requirements.txt → `pypi/matplotlib@3.7.1` ℹ Read more on: This package \| This alert \| What is a license policy violation? Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at `support@socket.dev`. Suggestion: Find a package that does not violate your license policy or adjust your policy to allow this package's license. Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment `@SocketSecurity ignore pypi/matplotlib@3.7.1`. You can also ignore all packages with `@SocketSecurity ignore-all`. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.
Warn		`pypi/matplotlib@3.7.1` has a License Policy Violation. License: Bitstream-Vera (matplotlib/mpl-data/fonts/ttf/LICENSE_DEJAVU) License: OFL-1.1 (matplotlib/mpl-data/fonts/ttf/LICENSE_STIX) License: Qhull (matplotlib-3.7.1.dist-info/LICENSE_QHULL) License: Bitstream-Charter (matplotlib-3.7.1.dist-info/LICENSE_COURIERTEN) License: OFL-1.1 (matplotlib-3.7.1.dist-info/LICENSE_CARLOGO) License: OFL-1.1 (matplotlib-3.7.1.dist-info/LICENSE_AMSFONTS) License: OFL-1.1 (matplotlib-3.7.1.dist-info/LICENSE_AMSFONTS) License: OFL-1.1 (matplotlib-3.7.1.dist-info/LICENSE_AMSFONTS) From: requirements.txt → `pypi/matplotlib@3.7.1` ℹ Read more on: This package \| This alert \| What is a license policy violation? Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at `support@socket.dev`. Suggestion: Find a package that does not violate your license policy or adjust your policy to allow this package's license. Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment `@SocketSecurity ignore pypi/matplotlib@3.7.1`. You can also ignore all packages with `@SocketSecurity ignore-all`. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.
Warn		`pypi/matplotlib@3.7.1` has a License Policy Violation. License: Bitstream-Vera (matplotlib/mpl-data/fonts/ttf/LICENSE_DEJAVU) License: OFL-1.1 (matplotlib/mpl-data/fonts/ttf/LICENSE_STIX) License: Qhull (matplotlib-3.7.1.dist-info/LICENSE_QHULL) License: Bitstream-Charter (matplotlib-3.7.1.dist-info/LICENSE_COURIERTEN) License: OFL-1.1 (matplotlib-3.7.1.dist-info/LICENSE_CARLOGO) License: OFL-1.1 (matplotlib-3.7.1.dist-info/LICENSE_AMSFONTS) License: OFL-1.1 (matplotlib-3.7.1.dist-info/LICENSE_AMSFONTS) License: OFL-1.1 (matplotlib-3.7.1.dist-info/LICENSE_AMSFONTS) From: requirements.txt → `pypi/matplotlib@3.7.1` ℹ Read more on: This package \| This alert \| What is a license policy violation? Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at `support@socket.dev`. Suggestion: Find a package that does not violate your license policy or adjust your policy to allow this package's license. Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment `@SocketSecurity ignore pypi/matplotlib@3.7.1`. You can also ignore all packages with `@SocketSecurity ignore-all`. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.
Warn		`pypi/matplotlib@3.7.1` has a License Policy Violation. License: Bitstream-Vera (matplotlib/mpl-data/fonts/ttf/LICENSE_DEJAVU) License: Qhull (matplotlib-3.7.1.dist-info/LICENSE_QHULL) License: OFL-1.1 (matplotlib/mpl-data/fonts/ttf/LICENSE_STIX) License: Bitstream-Charter (matplotlib-3.7.1.dist-info/LICENSE_COURIERTEN) License: OFL-1.1 (matplotlib-3.7.1.dist-info/LICENSE_CARLOGO) License: OFL-1.1 (matplotlib-3.7.1.dist-info/LICENSE_AMSFONTS) License: OFL-1.1 (matplotlib-3.7.1.dist-info/LICENSE_AMSFONTS) License: OFL-1.1 (matplotlib-3.7.1.dist-info/LICENSE_AMSFONTS) License: OFL-1.1 (matplotlib-3.7.1.dist-info/LICENSE_AMSFONTS) License: OFL-1.1 (matplotlib-3.7.1.dist-info/LICENSE_AMSFONTS) From: requirements.txt → `pypi/matplotlib@3.7.1` ℹ Read more on: This package \| This alert \| What is a license policy violation? Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at `support@socket.dev`. Suggestion: Find a package that does not violate your license policy or adjust your policy to allow this package's license. Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment `@SocketSecurity ignore pypi/matplotlib@3.7.1`. You can also ignore all packages with `@SocketSecurity ignore-all`. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.
Warn		`pypi/matplotlib@3.7.1` has a License Policy Violation. License: Bitstream-Vera (matplotlib/mpl-data/fonts/ttf/LICENSE_DEJAVU) License: Qhull (matplotlib-3.7.1.dist-info/LICENSE_QHULL) License: OFL-1.1 (matplotlib/mpl-data/fonts/ttf/LICENSE_STIX) License: Bitstream-Charter (matplotlib-3.7.1.dist-info/LICENSE_COURIERTEN) License: OFL-1.1 (matplotlib-3.7.1.dist-info/LICENSE_CARLOGO) License: OFL-1.1 (matplotlib-3.7.1.dist-info/LICENSE_AMSFONTS) License: OFL-1.1 (matplotlib-3.7.1.dist-info/LICENSE_AMSFONTS) License: OFL-1.1 (matplotlib-3.7.1.dist-info/LICENSE_AMSFONTS) License: OFL-1.1 (matplotlib-3.7.1.dist-info/LICENSE_AMSFONTS) License: OFL-1.1 (matplotlib-3.7.1.dist-info/LICENSE_AMSFONTS) From: requirements.txt → `pypi/matplotlib@3.7.1` ℹ Read more on: This package \| This alert \| What is a license policy violation? Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at `support@socket.dev`. Suggestion: Find a package that does not violate your license policy or adjust your policy to allow this package's license. Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment `@SocketSecurity ignore pypi/matplotlib@3.7.1`. You can also ignore all packages with `@SocketSecurity ignore-all`. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.
Warn		`pypi/matplotlib@3.7.1` has a License Policy Violation. License: Bitstream-Vera (matplotlib/mpl-data/fonts/ttf/LICENSE_DEJAVU) License: OFL-1.1 (matplotlib/mpl-data/fonts/ttf/LICENSE_STIX) License: Qhull (matplotlib-3.7.1.dist-info/LICENSE_QHULL) License: Bitstream-Charter (matplotlib-3.7.1.dist-info/LICENSE_COURIERTEN) License: OFL-1.1 (matplotlib-3.7.1.dist-info/LICENSE_CARLOGO) License: OFL-1.1 (matplotlib-3.7.1.dist-info/LICENSE_AMSFONTS) License: OFL-1.1 (matplotlib-3.7.1.dist-info/LICENSE_AMSFONTS) License: OFL-1.1 (matplotlib-3.7.1.dist-info/LICENSE_AMSFONTS) From: requirements.txt → `pypi/matplotlib@3.7.1` ℹ Read more on: This package \| This alert \| What is a license policy violation? Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at `support@socket.dev`. Suggestion: Find a package that does not violate your license policy or adjust your policy to allow this package's license. Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment `@SocketSecurity ignore pypi/matplotlib@3.7.1`. You can also ignore all packages with `@SocketSecurity ignore-all`. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.
Warn		`pypi/matplotlib@3.7.1` has a License Policy Violation. License: Bitstream-Vera (matplotlib/mpl-data/fonts/ttf/LICENSE_DEJAVU) License: OFL-1.1 (matplotlib/mpl-data/fonts/ttf/LICENSE_STIX) License: Qhull (matplotlib-3.7.1.dist-info/LICENSE_QHULL) License: Bitstream-Charter (matplotlib-3.7.1.dist-info/LICENSE_COURIERTEN) License: OFL-1.1 (matplotlib-3.7.1.dist-info/LICENSE_CARLOGO) License: OFL-1.1 (matplotlib-3.7.1.dist-info/LICENSE_AMSFONTS) License: OFL-1.1 (matplotlib-3.7.1.dist-info/LICENSE_AMSFONTS) License: OFL-1.1 (matplotlib-3.7.1.dist-info/LICENSE_AMSFONTS) From: requirements.txt → `pypi/matplotlib@3.7.1` ℹ Read more on: This package \| This alert \| What is a license policy violation? Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at `support@socket.dev`. Suggestion: Find a package that does not violate your license policy or adjust your policy to allow this package's license. Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment `@SocketSecurity ignore pypi/matplotlib@3.7.1`. You can also ignore all packages with `@SocketSecurity ignore-all`. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.
Warn		`pypi/matplotlib@3.7.1` has a License Policy Violation. License: Bitstream-Vera (matplotlib/mpl-data/fonts/ttf/LICENSE_DEJAVU) License: OFL-1.1 (matplotlib/mpl-data/fonts/ttf/LICENSE_STIX) License: Qhull (matplotlib-3.7.1.dist-info/LICENSE_QHULL) License: Bitstream-Charter (matplotlib-3.7.1.dist-info/LICENSE_COURIERTEN) License: OFL-1.1 (matplotlib-3.7.1.dist-info/LICENSE_CARLOGO) License: OFL-1.1 (matplotlib-3.7.1.dist-info/LICENSE_AMSFONTS) License: OFL-1.1 (matplotlib-3.7.1.dist-info/LICENSE_AMSFONTS) License: OFL-1.1 (matplotlib-3.7.1.dist-info/LICENSE_AMSFONTS) From: requirements.txt → `pypi/matplotlib@3.7.1` ℹ Read more on: This package \| This alert \| What is a license policy violation? Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at `support@socket.dev`. Suggestion: Find a package that does not violate your license policy or adjust your policy to allow this package's license. Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment `@SocketSecurity ignore pypi/matplotlib@3.7.1`. You can also ignore all packages with `@SocketSecurity ignore-all`. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.
Warn		`pypi/matplotlib@3.7.1` has a License Policy Violation. License: Bitstream-Vera (matplotlib/mpl-data/fonts/ttf/LICENSE_DEJAVU) License: OFL-1.1 (matplotlib/mpl-data/fonts/ttf/LICENSE_STIX) License: Qhull (matplotlib-3.7.1.dist-info/LICENSE_QHULL) License: Bitstream-Charter (matplotlib-3.7.1.dist-info/LICENSE_COURIERTEN) License: OFL-1.1 (matplotlib-3.7.1.dist-info/LICENSE_CARLOGO) License: OFL-1.1 (matplotlib-3.7.1.dist-info/LICENSE_AMSFONTS) License: OFL-1.1 (matplotlib-3.7.1.dist-info/LICENSE_AMSFONTS) License: OFL-1.1 (matplotlib-3.7.1.dist-info/LICENSE_AMSFONTS) From: requirements.txt → `pypi/matplotlib@3.7.1` ℹ Read more on: This package \| This alert \| What is a license policy violation? Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at `support@socket.dev`. Suggestion: Find a package that does not violate your license policy or adjust your policy to allow this package's license. Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment `@SocketSecurity ignore pypi/matplotlib@3.7.1`. You can also ignore all packages with `@SocketSecurity ignore-all`. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.
Warn		`pypi/matplotlib@3.7.1` has a License Policy Violation. License: Bitstream-Vera (matplotlib/mpl-data/fonts/ttf/LICENSE_DEJAVU) License: OFL-1.1 (matplotlib/mpl-data/fonts/ttf/LICENSE_STIX) License: Qhull (matplotlib-3.7.1.dist-info/LICENSE_QHULL) License: Bitstream-Charter (matplotlib-3.7.1.dist-info/LICENSE_COURIERTEN) License: OFL-1.1 (matplotlib-3.7.1.dist-info/LICENSE_CARLOGO) License: OFL-1.1 (matplotlib-3.7.1.dist-info/LICENSE_AMSFONTS) License: OFL-1.1 (matplotlib-3.7.1.dist-info/LICENSE_AMSFONTS) License: OFL-1.1 (matplotlib-3.7.1.dist-info/LICENSE_AMSFONTS) From: requirements.txt → `pypi/matplotlib@3.7.1` ℹ Read more on: This package \| This alert \| What is a license policy violation? Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at `support@socket.dev`. Suggestion: Find a package that does not violate your license policy or adjust your policy to allow this package's license. Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment `@SocketSecurity ignore pypi/matplotlib@3.7.1`. You can also ignore all packages with `@SocketSecurity ignore-all`. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.
Warn		`pypi/matplotlib@3.7.1` has a License Policy Violation. License: Bitstream-Vera (matplotlib/mpl-data/fonts/ttf/LICENSE_DEJAVU) License: OFL-1.1 (matplotlib/mpl-data/fonts/ttf/LICENSE_STIX) License: Qhull (matplotlib-3.7.1.dist-info/LICENSE_QHULL) License: Bitstream-Charter (matplotlib-3.7.1.dist-info/LICENSE_COURIERTEN) License: OFL-1.1 (matplotlib-3.7.1.dist-info/LICENSE_CARLOGO) License: OFL-1.1 (matplotlib-3.7.1.dist-info/LICENSE_AMSFONTS) License: OFL-1.1 (matplotlib-3.7.1.dist-info/LICENSE_AMSFONTS) License: OFL-1.1 (matplotlib-3.7.1.dist-info/LICENSE_AMSFONTS) From: requirements.txt → `pypi/matplotlib@3.7.1` ℹ Read more on: This package \| This alert \| What is a license policy violation? Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at `support@socket.dev`. Suggestion: Find a package that does not violate your license policy or adjust your policy to allow this package's license. Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment `@SocketSecurity ignore pypi/matplotlib@3.7.1`. You can also ignore all packages with `@SocketSecurity ignore-all`. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.
Warn		`pypi/matplotlib@3.7.1` has a License Policy Violation. License: Bitstream-Vera (matplotlib/mpl-data/fonts/ttf/LICENSE_DEJAVU) License: Qhull (matplotlib-3.7.1.dist-info/LICENSE_QHULL) License: OFL-1.1 (matplotlib/mpl-data/fonts/ttf/LICENSE_STIX) License: Bitstream-Charter (matplotlib-3.7.1.dist-info/LICENSE_COURIERTEN) License: OFL-1.1 (matplotlib-3.7.1.dist-info/LICENSE_CARLOGO) License: OFL-1.1 (matplotlib-3.7.1.dist-info/LICENSE_AMSFONTS) License: OFL-1.1 (matplotlib-3.7.1.dist-info/LICENSE_AMSFONTS) License: OFL-1.1 (matplotlib-3.7.1.dist-info/LICENSE_AMSFONTS) License: OFL-1.1 (matplotlib-3.7.1.dist-info/LICENSE_AMSFONTS) License: OFL-1.1 (matplotlib-3.7.1.dist-info/LICENSE_AMSFONTS) From: requirements.txt → `pypi/matplotlib@3.7.1` ℹ Read more on: This package \| This alert \| What is a license policy violation? Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at `support@socket.dev`. Suggestion: Find a package that does not violate your license policy or adjust your policy to allow this package's license. Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment `@SocketSecurity ignore pypi/matplotlib@3.7.1`. You can also ignore all packages with `@SocketSecurity ignore-all`. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.
Warn		`pypi/matplotlib@3.7.1` has a License Policy Violation. License: Bitstream-Vera (matplotlib/mpl-data/fonts/ttf/LICENSE_DEJAVU) License: Qhull (matplotlib-3.7.1.dist-info/LICENSE_QHULL) License: OFL-1.1 (matplotlib/mpl-data/fonts/ttf/LICENSE_STIX) License: Bitstream-Charter (matplotlib-3.7.1.dist-info/LICENSE_COURIERTEN) License: OFL-1.1 (matplotlib-3.7.1.dist-info/LICENSE_CARLOGO) License: OFL-1.1 (matplotlib-3.7.1.dist-info/LICENSE_AMSFONTS) License: OFL-1.1 (matplotlib-3.7.1.dist-info/LICENSE_AMSFONTS) License: OFL-1.1 (matplotlib-3.7.1.dist-info/LICENSE_AMSFONTS) License: OFL-1.1 (matplotlib-3.7.1.dist-info/LICENSE_AMSFONTS) License: OFL-1.1 (matplotlib-3.7.1.dist-info/LICENSE_AMSFONTS) From: requirements.txt → `pypi/matplotlib@3.7.1` ℹ Read more on: This package \| This alert \| What is a license policy violation? Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at `support@socket.dev`. Suggestion: Find a package that does not violate your license policy or adjust your policy to allow this package's license. Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment `@SocketSecurity ignore pypi/matplotlib@3.7.1`. You can also ignore all packages with `@SocketSecurity ignore-all`. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.
Warn		`pypi/matplotlib@3.7.1` has a License Policy Violation. License: Bitstream-Vera (matplotlib/mpl-data/fonts/ttf/LICENSE_DEJAVU) License: OFL-1.1 (matplotlib/mpl-data/fonts/ttf/LICENSE_STIX) License: Qhull (matplotlib-3.7.1.dist-info/LICENSE_QHULL) License: Bitstream-Charter (matplotlib-3.7.1.dist-info/LICENSE_COURIERTEN) License: OFL-1.1 (matplotlib-3.7.1.dist-info/LICENSE_CARLOGO) License: OFL-1.1 (matplotlib-3.7.1.dist-info/LICENSE_AMSFONTS) License: OFL-1.1 (matplotlib-3.7.1.dist-info/LICENSE_AMSFONTS) License: OFL-1.1 (matplotlib-3.7.1.dist-info/LICENSE_AMSFONTS) From: requirements.txt → `pypi/matplotlib@3.7.1` ℹ Read more on: This package \| This alert \| What is a license policy violation? Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at `support@socket.dev`. Suggestion: Find a package that does not violate your license policy or adjust your policy to allow this package's license. Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment `@SocketSecurity ignore pypi/matplotlib@3.7.1`. You can also ignore all packages with `@SocketSecurity ignore-all`. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.
Warn		`pypi/matplotlib@3.7.1` has a License Policy Violation. License: Bitstream-Vera (matplotlib/mpl-data/fonts/ttf/LICENSE_DEJAVU) License: OFL-1.1 (matplotlib/mpl-data/fonts/ttf/LICENSE_STIX) License: Qhull (matplotlib-3.7.1.dist-info/LICENSE_QHULL) License: Bitstream-Charter (matplotlib-3.7.1.dist-info/LICENSE_COURIERTEN) License: OFL-1.1 (matplotlib-3.7.1.dist-info/LICENSE_CARLOGO) License: OFL-1.1 (matplotlib-3.7.1.dist-info/LICENSE_AMSFONTS) License: OFL-1.1 (matplotlib-3.7.1.dist-info/LICENSE_AMSFONTS) License: OFL-1.1 (matplotlib-3.7.1.dist-info/LICENSE_AMSFONTS) From: requirements.txt → `pypi/matplotlib@3.7.1` ℹ Read more on: This package \| This alert \| What is a license policy violation? Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at `support@socket.dev`. Suggestion: Find a package that does not violate your license policy or adjust your policy to allow this package's license. Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment `@SocketSecurity ignore pypi/matplotlib@3.7.1`. You can also ignore all packages with `@SocketSecurity ignore-all`. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.
See 177 more rows in the dashboard

View full report

Web4application · 2025-06-20T03:58:40Z

@dependabot rebase

Web4application · 2025-06-20T03:59:15Z

@actions-user recreate

Web4application · 2025-06-20T03:59:36Z

@dependabot recreate.

Web4application added 30 commits June 6, 2025 20:43

Update bash.sh

beb28eb

Update and rename bash.sh to bin/bash/deploy.sh

8c093bb

Update .bash_main

98bf0cf

Create ngrok

943825a

Update config.sh

2a6eb6d

Add files via upload

2252206

Create D

ac7e9c3

Add files via upload

652a12f

Add files via upload

c1680b0

Delete frontend/src/index.html

177f1ea

Add files via upload

3c9fdf8

Add files via upload

56b311f

Create Hash

cc787fa

Add files via upload

408acf7

Add files via upload

9cbaeb6

Create Hs

edf25a8

Add files via upload

59c9a0d

Delete backend/api/Hs

3534815

Add files via upload

083a126

Create Dd

62fef74

Add files via upload

99d4e96

Create Did

e97f5ed

Add files via upload

f3eca04

Create Jeff

9817dc7

Add files via upload

a1554f4

Delete src/Hash

cee0708

Add files via upload

a42965f

Create Jf

cd90050

Add files via upload

2851245

Delete api/llm/Jf

3578445

Web4application added 23 commits June 20, 2025 05:38

Rename scripts/enclove-cli.py to enclove-cli.py

8adeca4

Signed-off-by: Web4 <167559384+Web4application@users.noreply.github.com>

Rename scripts/config.py to config.py

0de824f

Signed-off-by: Web4 <167559384+Web4application@users.noreply.github.com>

Rename repo_analyzer.py to repo_analyzer.py

6062e3f

Signed-off-by: Web4 <167559384+Web4application@users.noreply.github.com>

Rename generate_docs.py to generate_docs.py

da14542

Signed-off-by: Web4 <167559384+Web4application@users.noreply.github.com>

Rename scripts/data_pipeline.py to data_pipeline.py

5390d7c

Signed-off-by: Web4 <167559384+Web4application@users.noreply.github.com>

Rename enclov_ai_backend.py to enclov_ai_backend.py

7df1428

Signed-off-by: Web4 <167559384+Web4application@users.noreply.github.com>

Rename generate_toc.py to generate_toc.py

9761e53

Signed-off-by: Web4 <167559384+Web4application@users.noreply.github.com>

Rename scripts/createEnclovAppWithLLM.py to scripts/Docs/createEnclov…

ab9d186

…AppWithLLM.py Signed-off-by: Web4 <167559384+Web4application@users.noreply.github.com>

Rename gen_man_pages.py to generates_man_pages.py

86dedf5

Signed-off-by: Web4 <167559384+Web4application@users.noreply.github.com>

Rename scripts/github_model_client.py to github_model_client.py

8c7ae23

Signed-off-by: Web4 <167559384+Web4application@users.noreply.github.com>

Rename scripts/ai_code_review.py to ai_code_review.py

04e80dd

Signed-off-by: Web4 <167559384+Web4application@users.noreply.github.com>

Rename task_extractor.py to task_extractor.py

f37b835

Signed-off-by: Web4 <167559384+Web4application@users.noreply.github.com>

Rename scripts/apply_patches.sh to apply_patches.sh

227808c

Signed-off-by: Web4 <167559384+Web4application@users.noreply.github.com>

Rename scripts/auto_release.sh to auto_release.sh

e7d0b1a

Signed-off-by: Web4 <167559384+Web4application@users.noreply.github.com>

Delete scripts/D

5d2e6ec

Signed-off-by: Web4 <167559384+Web4application@users.noreply.github.com>

Rename scripts/Docs/createEnclovAppWithLLM.py to Docs/createEnclovApp…

9cc2140

…WithLLM.py Signed-off-by: Web4 <167559384+Web4application@users.noreply.github.com>

Create docker-image.yml

b312eda

Signed-off-by: Web4 <167559384+Web4application@users.noreply.github.com>

Create jekyll-docker.yml

26563a9

Signed-off-by: Web4 <167559384+Web4application@users.noreply.github.com>

Rename generates_man_pages.py to generates_man_pages.py

9c4e35c

Signed-off-by: Web4 <167559384+Web4application@users.noreply.github.com>

Rename generate-man.yml to generate-man-pages.yml

a563221

Signed-off-by: Web4 <167559384+Web4application@users.noreply.github.com>

Rename .github/workflows/ai-code-reviewer.yml to .github/ai-code-revi…

b0c6ff2

…ewer.yml Signed-off-by: Web4 <167559384+Web4application@users.noreply.github.com>

Delete .github/workflows/generate-man-pages.yml

5705025

Signed-off-by: Web4 <167559384+Web4application@users.noreply.github.com>

Rename .github/ai-code-reviewer.yml to .github/workflows/ai-code-revi…

cc11e7d

…ew.yml Signed-off-by: Web4 <167559384+Web4application@users.noreply.github.com>

Web4application merged commit 2a2e1b2 into codespace-jubilant-space-lamp-69vq5449q59x2xx55 Jun 20, 2025
8 of 13 checks passed

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Jubilant#17

Jubilant#17
Web4application merged 631 commits intocodespace-jubilant-space-lamp-69vq5449q59x2xx55from
main

Web4application commented Jun 20, 2025

Uh oh!

vercel bot commented Jun 20, 2025

Uh oh!

socket-security bot commented Jun 20, 2025

Uh oh!

socket-security bot commented Jun 20, 2025

Uh oh!

Web4application commented Jun 20, 2025

Uh oh!

Web4application commented Jun 20, 2025

Uh oh!

Web4application commented Jun 20, 2025

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

1 participant

Conversation

Web4application commented Jun 20, 2025

Uh oh!

vercel bot commented Jun 20, 2025

Uh oh!

socket-security bot commented Jun 20, 2025

Uh oh!

socket-security bot commented Jun 20, 2025

Uh oh!

Web4application commented Jun 20, 2025

Uh oh!

Web4application commented Jun 20, 2025

Uh oh!

Web4application commented Jun 20, 2025

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

1 participant