wu981526092 commited on
Commit
66491be
1 Parent(s): 80f202a
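--- /dev/null
+++ b/assessment-results/agent_development_kit.json
@@ -0,0 +1,50 @@
+ {
+ "assessment": {
+ "library_name": "microsoft/agent-development-kit",
+ "version": "v0.2.0",
+ "language": "Python",
+ "framework": "Agent Framework",
+ "completed_time": "2024-06-07T12:00:00Z",
+ "last_updated": "2024-06-07T12:00:00Z",
+ "active_maintenance": true,
+ "independently_verified": true,
+ "report_url": "https://github.com/LibVulnWatch/reports/raw/main/agent_development_kit.html",
+ "repository_url": "https://github.com/microsoft/agent-development-kit",
+ "github_stars": 3800,
+ "license": "MIT",
+ "scores": {
+ "license_validation": 4,
+ "security_assessment": 2,
+ "maintenance_health": 3,
+ "dependency_management": 1,
+ "regulatory_compliance": 2
+ },
+ "details": {
+ "license_validation": {
+ "license_type": "MIT",
+ "compatibility": "High",
+ "issues": "None"
+ },
+ "security_assessment": {
+ "known_vulnerabilities": 3,
+ "patch_responsiveness": "Medium",
+ "last_security_review": "2024-02-15"
+ },
+ "maintenance_health": {
+ "active_contributors": 15,
+ "release_frequency": "Medium",
+ "issue_response_time": "4.5 days"
+ },
+ "dependency_management": {
+ "vulnerable_dependencies": 6,
+ "dependency_freshness": "Low",
+ "supply_chain_security": "Missing SBOM"
+ },
+ "regulatory_compliance": {
+ "documentation_quality": "Medium",
+ "data_privacy_features": "Low",
+ "audit_readiness": "Medium"
+ }
+ }
+ }
+ }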
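Review bot: `known_vulnerabilities` and `vulnerable_dependencies` under `details` are bare counts (3 and 6 here) with no advisory identifiers, so a consumer of this record cannot check, de-duplicate or re-triage what was counted. A sibling array next to each count, for example `"advisories": ["<ADVISORY-ID-PLACEHOLDER>"]`, would make the numbers auditable. `"independently_verified": true` likewise carries no reference to who verified the result or against what evidence. The same shape appears in the other files this commit adds (browser_use.json, composio.json, metagpt.json, pydantic_ai.json, sglang.json, smolagents.json).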
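--- /dev/null
+++ b/assessment-results/browser_use.json
@@ -0,0 +1,50 @@
+ {
+ "assessment": {
+ "library_name": "langchain-ai/browser-use",
+ "version": "v0.5.1",
+ "language": "Python",
+ "framework": "Agent Framework",
+ "completed_time": "2024-06-09T12:00:00Z",
+ "last_updated": "2024-06-09T12:00:00Z",
+ "active_maintenance": true,
+ "independently_verified": true,
+ "report_url": "https://github.com/LibVulnWatch/reports/raw/main/browser_use.html",
+ "repository_url": "https://github.com/langchain-ai/browser-use",
+ "github_stars": 3200,
+ "license": "MIT",
+ "scores": {
+ "license_validation": 5,
+ "security_assessment": 3,
+ "maintenance_health": 3,
+ "dependency_management": 2,
+ "regulatory_compliance": 2
+ },
+ "details": {
+ "license_validation": {
+ "license_type": "MIT",
+ "compatibility": "Very High",
+ "issues": "None"
+ },
+ "security_assessment": {
+ "known_vulnerabilities": 2,
+ "patch_responsiveness": "High",
+ "last_security_review": "2024-03-10"
+ },
+ "maintenance_health": {
+ "active_contributors": 18,
+ "release_frequency": "Medium",
+ "issue_response_time": "3.5 days"
+ },
+ "dependency_management": {
+ "vulnerable_dependencies": 4,
+ "dependency_freshness": "Medium",
+ "supply_chain_security": "Partial SBOM"
+ },
+ "regulatory_compliance": {
+ "documentation_quality": "Medium",
+ "data_privacy_features": "Medium",
+ "audit_readiness": "Low"
+ }
+ }
+ }
+ }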
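--- /dev/null
+++ b/assessment-results/composio.json
@@ -0,0 +1,50 @@
+ {
+ "assessment": {
+ "library_name": "ComposableAI/composio",
+ "version": "v0.4.2",
+ "language": "Python",
+ "framework": "Agent Framework",
+ "completed_time": "2024-06-10T12:00:00Z",
+ "last_updated": "2024-06-10T12:00:00Z",
+ "active_maintenance": true,
+ "independently_verified": true,
+ "report_url": "https://github.com/LibVulnWatch/reports/raw/main/composio.html",
+ "repository_url": "https://github.com/ComposableAI/composio",
+ "github_stars": 1200,
+ "license": "MIT",
+ "scores": {
+ "license_validation": 4,
+ "security_assessment": 2,
+ "maintenance_health": 2,
+ "dependency_management": 1,
+ "regulatory_compliance": 1
+ },
+ "details": {
+ "license_validation": {
+ "license_type": "MIT",
+ "compatibility": "High",
+ "issues": "None"
+ },
+ "security_assessment": {
+ "known_vulnerabilities": 4,
+ "patch_responsiveness": "Medium",
+ "last_security_review": "2024-01-20"
+ },
+ "maintenance_health": {
+ "active_contributors": 7,
+ "release_frequency": "Low",
+ "issue_response_time": "7.5 days"
+ },
+ "dependency_management": {
+ "vulnerable_dependencies": 8,
+ "dependency_freshness": "Low",
+ "supply_chain_security": "Missing SBOM"
+ },
+ "regulatory_compliance": {
+ "documentation_quality": "Low",
+ "data_privacy_features": "Minimal",
+ "audit_readiness": "Low"
+ }
+ }
+ }
+ }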
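Review bot: The rating strings are not drawn from one closed set: `"data_privacy_features": "Minimal"` here sits beside `"Low"` in agent_development_kit.json and `"Medium"` in browser_use.json, and the renamed files in this commit still carry `"Limited"` as context. A consumer that ranks or filters libraries on these fields has to guess whether "Minimal", "Limited" and "Low" are the same level, which makes any threshold on them unreliable. Fix one ordered vocabulary per field, for example `"Low" | "Medium" | "High"`, and validate the files against it. `supply_chain_security` (`"Missing SBOM"` / `"Partial SBOM"`) and `compatibility` (`"High"` / `"Very High"`) need the same treatment.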
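--- a/assessment-results/crewai_crewai.json
+++ b/assessment-results/crewai.json
@@ -1,16 +1,16 @@
  {
  "assessment": {
- "library_name": "crewai/crewai",
- "version": "v0.28.3",
+ "library_name": "joaomdmoura/crewAI",
+ "version": "v0.9.4",
  "language": "Python",
  "framework": "Agent Framework",
- "completed_time": "2024-06-18T12:00:00Z",
- "last_updated": "2024-06-18T12:00:00Z",
+ "completed_time": "2024-06-15T12:00:00Z",
+ "last_updated": "2024-06-15T12:00:00Z",
  "active_maintenance": true,
  "independently_verified": true,
- "report_url": "https://github.com/LibVulnWatch/reports/raw/main/crewai_crewai.html",
- "repository_url": "https://github.com/crewai/crewai",
- "github_stars": 12300,
+ "report_url": "https://github.com/LibVulnWatch/reports/raw/main/crewai.html",
+ "repository_url": "https://github.com/joaomdmoura/crewAI",
+ "github_stars": 8200,
  "license": "MIT",
  "scores": {
  "license_validation": 5,
@@ -22,23 +22,22 @@
  "details": {
  "license_validation": {
  "license_type": "MIT",
- "compatibility": "High",
+ "compatibility": "Very High",
  "issues": "None"
  },
  "security_assessment": {
- "known_vulnerabilities": 4,
+ "known_vulnerabilities": 7,
  "patch_responsiveness": "Low",
- "last_security_review": "None",
- "issues": "Telemetry and data collection without user consent"
+ "last_security_review": "2023-12-05"
  },
  "maintenance_health": {
- "active_contributors": 15,
+ "active_contributors": 25,
  "release_frequency": "Medium",
- "issue_response_time": "3.5 days"
+ "issue_response_time": "5.2 days"
  },
  "dependency_management": {
- "vulnerable_dependencies": 5,
- "dependency_freshness": "Poor",
+ "vulnerable_dependencies": 9,
+ "dependency_freshness": "Low",
  "supply_chain_security": "Missing SBOM"
  },
  "regulatory_compliance": {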
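Review bot: The new side of `security_assessment` drops `"issues": "Telemetry and data collection without user consent"` and puts nothing in its place, so the only described finding in this record disappears while `known_vulnerabilities` rises from 4 to 7. If the finding was retracted the commit description should say so; otherwise the line should stay. The same loss of a described finding occurs in pytorch.json, where `"critical_issue": "CVE-2023-43654 (RCE in model deserialization)"` is removed, and in onnx.json, where `"issues": "Patent risk concerns"` becomes `"None"`. The `regulatory_compliance` object continues past the end of this hunk.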
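--- a/assessment-results/huggingface_transformers.json
+++ b/assessment-results/huggingface_candle.json
@@ -1,21 +1,21 @@
  {
  "assessment": {
- "library_name": "huggingface/transformers",
- "version": "v4.38.2",
- "language": "Python",
+ "library_name": "huggingface/candle",
+ "version": "v0.3.2",
+ "language": "Rust",
  "framework": "Machine Learning",
  "completed_time": "2024-06-22T12:00:00Z",
  "last_updated": "2024-06-22T12:00:00Z",
  "active_maintenance": true,
  "independently_verified": true,
- "report_url": "https://github.com/LibVulnWatch/reports/raw/main/huggingface_transformers.html",
- "repository_url": "https://github.com/huggingface/transformers",
- "github_stars": 124000,
+ "report_url": "https://github.com/LibVulnWatch/reports/raw/main/huggingface_candle.html",
+ "repository_url": "https://github.com/huggingface/candle",
+ "github_stars": 12500,
  "license": "Apache-2.0",
  "scores": {
  "license_validation": 4,
  "security_assessment": 2,
- "maintenance_health": 3,
+ "maintenance_health": 2,
  "dependency_management": 1,
  "regulatory_compliance": 2
  },
@@ -26,24 +26,24 @@
  "issues": "None"
  },
  "security_assessment": {
- "known_vulnerabilities": 3,
- "patch_responsiveness": "High",
- "last_security_review": "2024-03-15"
+ "known_vulnerabilities": 2,
+ "patch_responsiveness": "Medium",
+ "last_security_review": "2024-04-10"
  },
  "maintenance_health": {
- "active_contributors": 345,
- "release_frequency": "High",
- "issue_response_time": "2.5 days"
+ "active_contributors": 28,
+ "release_frequency": "Low",
+ "issue_response_time": "4.5 days"
  },
  "dependency_management": {
- "vulnerable_dependencies": 2,
- "dependency_freshness": "Good",
+ "vulnerable_dependencies": 3,
+ "dependency_freshness": "Medium",
  "supply_chain_security": "Missing SBOM"
  },
  "regulatory_compliance": {
- "documentation_quality": "Medium",
- "data_privacy_features": "Moderate",
- "audit_readiness": "Medium"
+ "documentation_quality": "Low",
+ "data_privacy_features": "Limited",
+ "audit_readiness": "Low"
  }
  }
  }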
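Review bot: This rename replaces the subject of the record rather than renaming it: `library_name`, `language` and `repository_url` switch from huggingface/transformers to huggingface/candle, yet `completed_time` and `last_updated` remain unchanged context lines at `2024-06-22T12:00:00Z`. Unless both assessments really finished at the same instant, the timestamps were carried over from the transformers record and should be set to when the candle assessment was completed. Because the change is recorded as a rename, the transformers assessment leaves the tree without a deletion entry, which is easy to miss in review. Adding candle as a new file and deleting transformers explicitly would keep the history readable.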
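--- a/assessment-results/google_jax.json
+++ b/assessment-results/jax.json
@@ -1,16 +1,16 @@
  {
  "assessment": {
  "library_name": "google/jax",
- "version": "v0.4.25",
+ "version": "v0.4.23",
  "language": "Python",
  "framework": "Machine Learning",
- "completed_time": "2024-06-12T12:00:00Z",
- "last_updated": "2024-06-12T12:00:00Z",
+ "completed_time": "2024-06-24T12:00:00Z",
+ "last_updated": "2024-06-24T12:00:00Z",
  "active_maintenance": true,
  "independently_verified": true,
- "report_url": "https://github.com/LibVulnWatch/reports/raw/main/google_jax.html",
+ "report_url": "https://github.com/LibVulnWatch/reports/raw/main/jax.html",
  "repository_url": "https://github.com/google/jax",
- "github_stars": 26400,
+ "github_stars": 36000,
  "license": "Apache-2.0",
  "scores": {
  "license_validation": 5,
@@ -22,27 +22,27 @@
  "details": {
  "license_validation": {
  "license_type": "Apache-2.0",
- "compatibility": "High",
+ "compatibility": "Very High",
  "issues": "None"
  },
  "security_assessment": {
- "known_vulnerabilities": 1,
- "patch_responsiveness": "Medium",
- "last_security_review": "2024-04-15"
+ "known_vulnerabilities": 3,
+ "patch_responsiveness": "High",
+ "last_security_review": "2024-03-05"
  },
  "maintenance_health": {
- "active_contributors": 125,
+ "active_contributors": 85,
  "release_frequency": "High",
- "issue_response_time": "2.1 days"
+ "issue_response_time": "3.2 days"
  },
  "dependency_management": {
- "vulnerable_dependencies": 3,
- "dependency_freshness": "Good",
+ "vulnerable_dependencies": 7,
+ "dependency_freshness": "Low",
  "supply_chain_security": "Missing SBOM"
  },
  "regulatory_compliance": {
  "documentation_quality": "Low",
- "data_privacy_features": "Limited",
+ "data_privacy_features": "Minimal",
  "audit_readiness": "Low"
  }
  }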
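Review bot: `version` moves backwards from `v0.4.25` to `v0.4.23` while `completed_time` moves forwards from 2024-06-12 to 2024-06-24, so the newer assessment describes an older release. Vulnerability counts for different releases are not comparable, and a reader checking their exposure may be looking at results for a version they do not run. The same pattern appears in crewai.json (v0.28.3 to v0.9.4), langchain.json (v0.1.8 to v0.1.0), langgraph.json (v0.2.7 to v0.0.20), llamaindex.json (v0.10.5 to v0.9.14) and onnx.json (v1.16.0 to v1.15.0). If the older release is intended, a field such as `"assessed_commit": "<COMMIT-SHA-PLACEHOLDER>"` would pin exactly what was examined.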
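--- a/assessment-results/langchain-ai_langchain.json
+++ b/assessment-results/langchain.json
@@ -1,16 +1,16 @@
  {
  "assessment": {
  "library_name": "langchain-ai/langchain",
- "version": "v0.1.8",
+ "version": "v0.1.0",
  "language": "Python",
  "framework": "LLM Orchestration",
- "completed_time": "2024-06-15T12:00:00Z",
- "last_updated": "2024-06-15T12:00:00Z",
+ "completed_time": "2024-06-17T12:00:00Z",
+ "last_updated": "2024-06-17T12:00:00Z",
  "active_maintenance": true,
  "independently_verified": true,
- "report_url": "https://github.com/LibVulnWatch/reports/raw/main/langchain-ai_langchain.html",
+ "report_url": "https://github.com/LibVulnWatch/reports/raw/main/langchain.html",
  "repository_url": "https://github.com/langchain-ai/langchain",
- "github_stars": 78500,
+ "github_stars": 79000,
  "license": "MIT",
  "scores": {
  "license_validation": 5,
@@ -22,27 +22,27 @@
  "details": {
  "license_validation": {
  "license_type": "MIT",
- "compatibility": "High",
+ "compatibility": "Very High",
  "issues": "None"
  },
  "security_assessment": {
- "known_vulnerabilities": 2,
+ "known_vulnerabilities": 12,
  "patch_responsiveness": "Low",
- "last_security_review": "2024-03-15"
+ "last_security_review": "2023-11-20"
  },
  "maintenance_health": {
- "active_contributors": 87,
- "release_frequency": "Low",
- "issue_response_time": "4.5 days"
+ "active_contributors": 65,
+ "release_frequency": "Very High",
+ "issue_response_time": "10.5 days"
  },
  "dependency_management": {
- "vulnerable_dependencies": 3,
- "dependency_freshness": "Poor",
+ "vulnerable_dependencies": 15,
+ "dependency_freshness": "Low",
  "supply_chain_security": "Missing SBOM"
  },
  "regulatory_compliance": {
- "documentation_quality": "Medium",
- "data_privacy_features": "Basic",
+ "documentation_quality": "High",
+ "data_privacy_features": "Medium",
  "audit_readiness": "Medium"
  }
  }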
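Review bot: The `details` counts change sharply in the second hunk (`known_vulnerabilities` 2 to 12, `vulnerable_dependencies` 3 to 15), but the `scores` entries for `security_assessment` and `dependency_management` sit on lines 17-21, which neither hunk touches, so they keep their previous values. Anything that sorts or gates on `scores` will therefore not reflect the new findings. Scores should be re-derived whenever the underlying details change, or the scoring rule documented so a reviewer can confirm the number still follows from the details. jax.json, llamaindex.json, onnx.json and pytorch.json show the same split between changed details and untouched scores.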
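--- a/assessment-results/langchain-ai_langgraph.json
+++ b/assessment-results/langgraph.json
@@ -1,17 +1,17 @@
  {
  "assessment": {
  "library_name": "langchain-ai/langgraph",
- "version": "v0.2.7",
+ "version": "v0.0.20",
  "language": "Python",
  "framework": "Agent Framework",
- "completed_time": "2024-06-20T12:00:00Z",
- "last_updated": "2024-06-20T12:00:00Z",
+ "completed_time": "2024-06-13T12:00:00Z",
+ "last_updated": "2024-06-13T12:00:00Z",
  "active_maintenance": true,
  "independently_verified": true,
- "report_url": "https://github.com/LibVulnWatch/reports/raw/main/langchain-ai_langgraph.html",
+ "report_url": "https://github.com/LibVulnWatch/reports/raw/main/langgraph.html",
  "repository_url": "https://github.com/langchain-ai/langgraph",
- "github_stars": 5800,
- "license": "Missing explicit license",
+ "github_stars": 4500,
+ "license": "Proprietary",
  "scores": {
  "license_validation": 1,
  "security_assessment": 1,
@@ -21,23 +21,23 @@
  },
  "details": {
  "license_validation": {
- "license_type": "Missing explicit license",
- "compatibility": "Unknown",
- "issues": "No license file found"
+ "license_type": "Proprietary",
+ "compatibility": "Very Low",
+ "issues": "Commercial usage restrictions"
  },
  "security_assessment": {
- "known_vulnerabilities": 3,
+ "known_vulnerabilities": 6,
  "patch_responsiveness": "Low",
- "last_security_review": "None"
+ "last_security_review": "2023-11-15"
  },
  "maintenance_health": {
- "active_contributors": 21,
+ "active_contributors": 18,
  "release_frequency": "High",
- "issue_response_time": "1.2 days"
+ "issue_response_time": "2.5 days"
  },
  "dependency_management": {
- "vulnerable_dependencies": 2,
- "dependency_freshness": "Poor",
+ "vulnerable_dependencies": 8,
+ "dependency_freshness": "Low",
  "supply_chain_security": "Missing SBOM"
  },
  "regulatory_compliance": {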
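Review bot: `license` and `license_type` change from `"Missing explicit license"` to `"Proprietary"`, with `issues` now `"Commercial usage restrictions"`, but the record cites no licence file, commit or text that supports the new classification. A licence verdict drives adoption decisions, so it should be traceable, for example through `"license_source": "<PATH-OR-URL-PLACEHOLDER>"`. The other records in this commit use SPDX identifiers (`MIT`, `Apache-2.0`, `BSD-3-Clause`); "Proprietary" is not one, so tooling that matches on SPDX ids will not recognise it, and an SPDX `LicenseRef-` identifier would keep the field machine-readable. The `regulatory_compliance` object continues beyond this hunk.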
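--- a/assessment-results/llama-index_llama-index.json
+++ b/assessment-results/llamaindex.json
@@ -1,16 +1,16 @@
  {
  "assessment": {
- "library_name": "llama-index/llama-index",
- "version": "v0.10.5",
+ "library_name": "jerryjliu/llama_index",
+ "version": "v0.9.14",
  "language": "Python",
  "framework": "LLM Orchestration",
- "completed_time": "2024-06-19T12:00:00Z",
- "last_updated": "2024-06-19T12:00:00Z",
+ "completed_time": "2024-06-20T12:00:00Z",
+ "last_updated": "2024-06-20T12:00:00Z",
  "active_maintenance": true,
  "independently_verified": true,
- "report_url": "https://github.com/LibVulnWatch/reports/raw/main/llama-index_llama-index.html",
- "repository_url": "https://github.com/run-llama/llama_index",
- "github_stars": 28500,
+ "report_url": "https://github.com/LibVulnWatch/reports/raw/main/llamaindex.html",
+ "repository_url": "https://github.com/jerryjliu/llama_index",
+ "github_stars": 27000,
  "license": "MIT",
  "scores": {
  "license_validation": 4,
@@ -26,23 +26,23 @@
  "issues": "None"
  },
  "security_assessment": {
- "known_vulnerabilities": 2,
+ "known_vulnerabilities": 5,
  "patch_responsiveness": "Medium",
- "last_security_review": "2024-01-10"
+ "last_security_review": "2024-01-25"
  },
  "maintenance_health": {
- "active_contributors": 46,
- "release_frequency": "Medium",
- "issue_response_time": "3.7 days"
+ "active_contributors": 45,
+ "release_frequency": "High",
+ "issue_response_time": "4.2 days"
  },
  "dependency_management": {
- "vulnerable_dependencies": 3,
- "dependency_freshness": "Medium",
+ "vulnerable_dependencies": 9,
+ "dependency_freshness": "Low",
  "supply_chain_security": "Missing SBOM"
  },
  "regulatory_compliance": {
  "documentation_quality": "Medium",
- "data_privacy_features": "Limited",
+ "data_privacy_features": "Low",
  "audit_readiness": "Low"
  }
  }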
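Review bot: `repository_url` changes owner from `run-llama/llama_index` to `jerryjliu/llama_index`, and `library_name` follows it, with no reason given in the commit. If one of the two is a former location of the repository, the record would depend on a forge redirect, and a redirect stops pointing at the assessed code if the old name is ever reused by someone else. Confirm which owner is canonical for the assessed release and store that one, so that readers who follow the link land on the code that was actually examined.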
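--- /dev/null
+++ b/assessment-results/metagpt.json
@@ -0,0 +1,50 @@
+ {
+ "assessment": {
+ "library_name": "geekan/MetaGPT",
+ "version": "v0.7.0",
+ "language": "Python",
+ "framework": "Agent Framework",
+ "completed_time": "2024-06-14T12:00:00Z",
+ "last_updated": "2024-06-14T12:00:00Z",
+ "active_maintenance": true,
+ "independently_verified": true,
+ "report_url": "https://github.com/LibVulnWatch/reports/raw/main/metagpt.html",
+ "repository_url": "https://github.com/geekan/MetaGPT",
+ "github_stars": 32500,
+ "license": "MIT",
+ "scores": {
+ "license_validation": 4,
+ "security_assessment": 2,
+ "maintenance_health": 2,
+ "dependency_management": 1,
+ "regulatory_compliance": 1
+ },
+ "details": {
+ "license_validation": {
+ "license_type": "MIT",
+ "compatibility": "High",
+ "issues": "None"
+ },
+ "security_assessment": {
+ "known_vulnerabilities": 5,
+ "patch_responsiveness": "Medium",
+ "last_security_review": "2024-01-10"
+ },
+ "maintenance_health": {
+ "active_contributors": 30,
+ "release_frequency": "Low",
+ "issue_response_time": "8.5 days"
+ },
+ "dependency_management": {
+ "vulnerable_dependencies": 10,
+ "dependency_freshness": "Low",
+ "supply_chain_security": "Missing SBOM"
+ },
+ "regulatory_compliance": {
+ "documentation_quality": "Low",
+ "data_privacy_features": "Minimal",
+ "audit_readiness": "Low"
+ }
+ }
+ }
+ }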
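--- a/assessment-results/microsoft_autogen.json
+++ /dev/null
@@ -1,49 +0,0 @@
- {
- "assessment": {
- "library_name": "microsoft/autogen",
- "version": "v0.2.19",
- "language": "Python",
- "framework": "Agent Framework",
- "completed_time": "2024-06-05T12:00:00Z",
- "last_updated": "2024-06-05T12:00:00Z",
- "active_maintenance": true,
- "independently_verified": true,
- "report_url": "https://github.com/LibVulnWatch/reports/raw/main/microsoft_autogen.html",
- "repository_url": "https://github.com/microsoft/autogen",
- "github_stars": 59200,
- "scores": {
- "license_validation": 3.1,
- "security_assessment": 6.7,
- "maintenance_health": 2.8,
- "dependency_management": 5.5,
- "regulatory_compliance": 7.2
- },
- "details": {
- "license_validation": {
- "license_type": "MIT",
- "compatibility": "High",
- "issues": "None"
- },
- "security_assessment": {
- "known_vulnerabilities": 5,
- "patch_responsiveness": "Medium",
- "last_security_review": "2024-02-20"
- },
- "maintenance_health": {
- "active_contributors": 28,
- "release_frequency": "High",
- "issue_response_time": "1.8 days"
- },
- "dependency_management": {
- "vulnerable_dependencies": 4,
- "dependency_freshness": "Medium",
- "supply_chain_security": "Low"
- },
- "regulatory_compliance": {
- "documentation_quality": "Low",
- "data_privacy_features": "Limited",
- "audit_readiness": "Low"
- }
- }
- }
- }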
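--- a/assessment-results/onnx_onnx.json
+++ b/assessment-results/onnx.json
@@ -1,14 +1,14 @@
  {
  "assessment": {
  "library_name": "onnx/onnx",
- "version": "v1.16.0",
- "language": "Python",
+ "version": "v1.15.0",
+ "language": "C++/Python",
  "framework": "Machine Learning",
- "completed_time": "2024-06-14T12:00:00Z",
- "last_updated": "2024-06-14T12:00:00Z",
+ "completed_time": "2024-06-22T11:00:00Z",
+ "last_updated": "2024-06-22T11:00:00Z",
  "active_maintenance": true,
  "independently_verified": true,
- "report_url": "https://github.com/LibVulnWatch/reports/raw/main/onnx_onnx.html",
+ "report_url": "https://github.com/LibVulnWatch/reports/raw/main/onnx.html",
  "repository_url": "https://github.com/onnx/onnx",
  "github_stars": 16200,
  "license": "MIT",
@@ -23,26 +23,26 @@
  "license_validation": {
  "license_type": "MIT",
  "compatibility": "High",
- "issues": "Patent risk concerns"
+ "issues": "None"
  },
  "security_assessment": {
- "known_vulnerabilities": 1,
+ "known_vulnerabilities": 4,
  "patch_responsiveness": "Medium",
- "last_security_review": "2024-02-10"
+ "last_security_review": "2024-02-28"
  },
  "maintenance_health": {
- "active_contributors": 78,
+ "active_contributors": 35,
  "release_frequency": "Medium",
- "issue_response_time": "5.7 days"
+ "issue_response_time": "6.2 days"
  },
  "dependency_management": {
- "vulnerable_dependencies": 2,
- "dependency_freshness": "Medium",
+ "vulnerable_dependencies": 8,
+ "dependency_freshness": "Low",
  "supply_chain_security": "Missing SBOM"
  },
  "regulatory_compliance": {
- "documentation_quality": "Low",
- "data_privacy_features": "Limited",
+ "documentation_quality": "Medium",
+ "data_privacy_features": "Low",
  "audit_readiness": "Low"
  }
  }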
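--- /dev/null
+++ b/assessment-results/pydantic_ai.json
@@ -0,0 +1,50 @@
+ {
+ "assessment": {
+ "library_name": "pydantic/pydantic-ai",
+ "version": "v0.7.0",
+ "language": "Python",
+ "framework": "Agent Framework",
+ "completed_time": "2024-06-08T12:00:00Z",
+ "last_updated": "2024-06-08T12:00:00Z",
+ "active_maintenance": true,
+ "independently_verified": true,
+ "report_url": "https://github.com/LibVulnWatch/reports/raw/main/pydantic_ai.html",
+ "repository_url": "https://github.com/pydantic/pydantic-ai",
+ "github_stars": 5800,
+ "license": "MIT",
+ "scores": {
+ "license_validation": 5,
+ "security_assessment": 3,
+ "maintenance_health": 3,
+ "dependency_management": 2,
+ "regulatory_compliance": 2
+ },
+ "details": {
+ "license_validation": {
+ "license_type": "MIT",
+ "compatibility": "Very High",
+ "issues": "None"
+ },
+ "security_assessment": {
+ "known_vulnerabilities": 2,
+ "patch_responsiveness": "High",
+ "last_security_review": "2024-03-05"
+ },
+ "maintenance_health": {
+ "active_contributors": 20,
+ "release_frequency": "Medium",
+ "issue_response_time": "3.2 days"
+ },
+ "dependency_management": {
+ "vulnerable_dependencies": 3,
+ "dependency_freshness": "Medium",
+ "supply_chain_security": "Partial SBOM"
+ },
+ "regulatory_compliance": {
+ "documentation_quality": "Medium",
+ "data_privacy_features": "Medium",
+ "audit_readiness": "Low"
+ }
+ }
+ }
+ }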
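--- a/assessment-results/pytorch_pytorch.json
+++ b/assessment-results/pytorch.json
@@ -2,13 +2,13 @@
  "assessment": {
  "library_name": "pytorch/pytorch",
  "version": "v2.2.1",
- "language": "Python",
+ "language": "C++/Python",
  "framework": "Machine Learning",
- "completed_time": "2024-06-10T12:00:00Z",
- "last_updated": "2024-06-10T12:00:00Z",
+ "completed_time": "2024-06-25T12:00:00Z",
+ "last_updated": "2024-06-25T12:00:00Z",
  "active_maintenance": true,
  "independently_verified": true,
- "report_url": "https://github.com/LibVulnWatch/reports/raw/main/pytorch_pytorch.html",
+ "report_url": "https://github.com/LibVulnWatch/reports/raw/main/pytorch.html",
  "repository_url": "https://github.com/pytorch/pytorch",
  "github_stars": 74500,
  "license": "BSD-3-Clause",
@@ -22,28 +22,27 @@
  "details": {
  "license_validation": {
  "license_type": "BSD-3-Clause",
- "compatibility": "High",
+ "compatibility": "Very High",
  "issues": "None"
  },
  "security_assessment": {
- "known_vulnerabilities": 3,
- "patch_responsiveness": "High",
- "last_security_review": "2024-05-10",
- "critical_issue": "CVE-2023-43654 (RCE in model deserialization)"
+ "known_vulnerabilities": 8,
+ "patch_responsiveness": "Low",
+ "last_security_review": "2024-02-15"
  },
  "maintenance_health": {
- "active_contributors": 156,
+ "active_contributors": 120,
  "release_frequency": "Medium",
- "issue_response_time": "3.2 days"
+ "issue_response_time": "7.5 days"
  },
  "dependency_management": {
- "vulnerable_dependencies": 4,
- "dependency_freshness": "Medium",
+ "vulnerable_dependencies": 12,
+ "dependency_freshness": "Low",
  "supply_chain_security": "Missing SBOM"
  },
  "regulatory_compliance": {
  "documentation_quality": "Medium",
- "data_privacy_features": "Limited",
+ "data_privacy_features": "Medium",
  "audit_readiness": "Medium"
  }
  }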
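--- /dev/null
+++ b/assessment-results/sglang.json
@@ -0,0 +1,50 @@
+ {
+ "assessment": {
+ "library_name": "sgl-project/sglang",
+ "version": "v0.1.8",
+ "language": "Python/C++",
+ "framework": "LLM Inference",
+ "completed_time": "2024-06-19T12:00:00Z",
+ "last_updated": "2024-06-19T12:00:00Z",
+ "active_maintenance": true,
+ "independently_verified": true,
+ "report_url": "https://github.com/LibVulnWatch/reports/raw/main/sglang.html",
+ "repository_url": "https://github.com/sgl-project/sglang",
+ "github_stars": 4800,
+ "license": "Apache-2.0",
+ "scores": {
+ "license_validation": 4,
+ "security_assessment": 2,
+ "maintenance_health": 3,
+ "dependency_management": 1,
+ "regulatory_compliance": 1
+ },
+ "details": {
+ "license_validation": {
+ "license_type": "Apache-2.0",
+ "compatibility": "High",
+ "issues": "None"
+ },
+ "security_assessment": {
+ "known_vulnerabilities": 4,
+ "patch_responsiveness": "Medium",
+ "last_security_review": "2024-02-10"
+ },
+ "maintenance_health": {
+ "active_contributors": 15,
+ "release_frequency": "Medium",
+ "issue_response_time": "3.8 days"
+ },
+ "dependency_management": {
+ "vulnerable_dependencies": 6,
+ "dependency_freshness": "Low",
+ "supply_chain_security": "Missing SBOM"
+ },
+ "regulatory_compliance": {
+ "documentation_quality": "Low",
+ "data_privacy_features": "Minimal",
+ "audit_readiness": "Low"
+ }
+ }
+ }
+ }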
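--- a/assessment-results/smolagents.json
+++ b/assessment-results/smolagents.json
@@ -0,0 +1,50 @@
+ {
+ "assessment": {
+ "library_name": "tinygrad/SmolAgents",
+ "version": "v0.2.1",
+ "language": "Python",
+ "framework": "Agent Framework",
+ "completed_time": "2024-06-12T12:00:00Z",
+ "last_updated": "2024-06-12T12:00:00Z",
+ "active_maintenance": true,
+ "independently_verified": true,
+ "report_url": "https://github.com/LibVulnWatch/reports/raw/main/smolagents.html",
+ "repository_url": "https://github.com/tinygrad/SmolAgents",
+ "github_stars": 2800,
+ "license": "MIT",
+ "scores": {
+ "license_validation": 4,
+ "security_assessment": 2,
+ "maintenance_health": 2,
+ "dependency_management": 1,
+ "regulatory_compliance": 1
+ },
+ "details": {
+ "license_validation": {
+ "license_type": "MIT",
+ "compatibility": "High",
+ "issues": "None"
+ },
+ "security_assessment": {
+ "known_vulnerabilities": 4,
+ "patch_responsiveness": "Medium",
+ "last_security_review": "2024-01-05"
+ },
+ "maintenance_health": {
+ "active_contributors": 8,
+ "release_frequency": "Low",
+ "issue_response_time": "6.8 days"
+ },
+ "dependency_management": {
+ "vulnerable_dependencies": 6,
+ "dependency_freshness": "Low",
+ "supply_chain_security": "Missing SBOM"
+ },
+ "regulatory_compliance": {
+ "documentation_quality": "Low",
+ "data_privacy_features": "Minimal",
+ "audit_readiness": "Low"
+ }
+ }
+ }
+ }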
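Review bot: `library_name` and `repository_url` give the owner as `tinygrad`, which should be confirmed against the upstream project before this record is published; as far as I know smolagents is maintained under the Hugging Face organisation, not tinygrad. A wrong owner in a vulnerability record sends readers to a namespace the real maintainers do not control, and it makes `"independently_verified": true` hard to defend. stagehand.json (`langchain-ai/stagehand`, `"language": "Python"`) looks like it has the same problem and deserves the same check.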
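--- a/assessment-results/stagehand.json
+++ b/assessment-results/stagehand.json
@@ -0,0 +1,50 @@
+ {
+ "assessment": {
+ "library_name": "langchain-ai/stagehand",
+ "version": "v0.0.12",
+ "language": "Python",
+ "framework": "Agent Framework",
+ "completed_time": "2024-06-11T12:00:00Z",
+ "last_updated": "2024-06-11T12:00:00Z",
+ "active_maintenance": true,
+ "independently_verified": true,
+ "report_url": "https://github.com/LibVulnWatch/reports/raw/main/stagehand.html",
+ "repository_url": "https://github.com/langchain-ai/stagehand",
+ "github_stars": 1500,
+ "license": "Apache-2.0 with Commons Clause",
+ "scores": {
+ "license_validation": 3,
+ "security_assessment": 2,
+ "maintenance_health": 3,
+ "dependency_management": 1,
+ "regulatory_compliance": 1
+ },
+ "details": {
+ "license_validation": {
+ "license_type": "Apache-2.0 with Commons Clause",
+ "compatibility": "Medium",
+ "issues": "Commercial usage restrictions"
+ },
+ "security_assessment": {
+ "known_vulnerabilities": 3,
+ "patch_responsiveness": "Medium",
+ "last_security_review": "2024-02-18"
+ },
+ "maintenance_health": {
+ "active_contributors": 12,
+ "release_frequency": "Medium",
+ "issue_response_time": "4.8 days"
+ },
+ "dependency_management": {
+ "vulnerable_dependencies": 7,
+ "dependency_freshness": "Low",
+ "supply_chain_security": "Missing SBOM"
+ },
+ "regulatory_compliance": {
+ "documentation_quality": "Low",
+ "data_privacy_features": "Minimal",
+ "audit_readiness": "Low"
+ }
+ }
+ }
+ }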
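Review bot: `"license": "Apache-2.0 with Commons Clause"` is free text, while the other files in this commit use SPDX identifiers (`MIT`, `Apache-2.0`), so a consumer that matches this field against an SPDX list will treat it as unknown. An SPDX expression keeps it machine-readable, something like `"license": "Apache-2.0 AND LicenseRef-Commons-Clause"`, with the restriction itself kept in `issues`. tensorrt.json has the same pattern with `"Proprietary with Open Components"`.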
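--- a/assessment-results/tensorflow_tensorflow.json
+++ b/assessment-results/tensorflow.json
@@ -1,16 +1,16 @@
  {
  "assessment": {
  "library_name": "tensorflow/tensorflow",
- "version": "v2.16.1",
- "language": "Python",
+ "version": "v2.15.0",
+ "language": "C++/Python",
  "framework": "Machine Learning",
- "completed_time": "2024-06-08T12:00:00Z",
- "last_updated": "2024-06-08T12:00:00Z",
+ "completed_time": "2024-06-23T12:00:00Z",
+ "last_updated": "2024-06-23T12:00:00Z",
  "active_maintenance": true,
  "independently_verified": true,
- "report_url": "https://github.com/LibVulnWatch/reports/raw/main/tensorflow_tensorflow.html",
+ "report_url": "https://github.com/LibVulnWatch/reports/raw/main/tensorflow.html",
  "repository_url": "https://github.com/tensorflow/tensorflow",
- "github_stars": 181000,
+ "github_stars": 182000,
  "license": "Apache-2.0",
  "scores": {
  "license_validation": 5,
@@ -22,27 +22,27 @@
  "details": {
  "license_validation": {
  "license_type": "Apache-2.0",
- "compatibility": "High",
+ "compatibility": "Very High",
  "issues": "None"
  },
  "security_assessment": {
- "known_vulnerabilities": 5,
- "patch_responsiveness": "High",
- "last_security_review": "2024-03-20"
+ "known_vulnerabilities": 10,
+ "patch_responsiveness": "Low",
+ "last_security_review": "2024-01-15"
  },
  "maintenance_health": {
- "active_contributors": 221,
+ "active_contributors": 95,
  "release_frequency": "Medium",
- "issue_response_time": "4.5 days"
+ "issue_response_time": "8.5 days"
  },
  "dependency_management": {
- "vulnerable_dependencies": 3,
- "dependency_freshness": "Medium",
+ "vulnerable_dependencies": 15,
+ "dependency_freshness": "Low",
  "supply_chain_security": "Missing SBOM"
  },
  "regulatory_compliance": {
  "documentation_quality": "Medium",
- "data_privacy_features": "Basic",
+ "data_privacy_features": "Medium",
  "audit_readiness": "Medium"
  }
  }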
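Review bot: The first hunk lowers `version` from `v2.16.1` to `v2.15.0` while moving `completed_time` forward to `2024-06-23T12:00:00Z`, and `last_security_review` moves back from `2024-03-20` to `2024-01-15`, so the newer record describes an older release and an older review. The jump in `known_vulnerabilities` (5 to 10) therefore cannot be read as a trend. If v2.15.0 is meant to be assessed in its own right it should be a second record rather than an overwrite; otherwise keep `"version": "v2.16.1"`. The second hunk also introduces `"compatibility": "Very High"`, a value no other file in this commit uses (`High`, `Medium`). vllm.json is changed the same way (`v0.3.2` to `v0.3.0` with a later `completed_time`).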
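--- a/assessment-results/tensorrt.json
+++ b/assessment-results/tensorrt.json
@@ -0,0 +1,50 @@
+ {
+ "assessment": {
+ "library_name": "nvidia/TensorRT",
+ "version": "v9.1.0",
+ "language": "C++/Python",
+ "framework": "Machine Learning Inference",
+ "completed_time": "2024-06-21T12:00:00Z",
+ "last_updated": "2024-06-21T12:00:00Z",
+ "active_maintenance": true,
+ "independently_verified": true,
+ "report_url": "https://github.com/LibVulnWatch/reports/raw/main/tensorrt.html",
+ "repository_url": "https://github.com/NVIDIA/TensorRT",
+ "github_stars": 8500,
+ "license": "Proprietary with Open Components",
+ "scores": {
+ "license_validation": 3,
+ "security_assessment": 2,
+ "maintenance_health": 3,
+ "dependency_management": 1,
+ "regulatory_compliance": 2
+ },
+ "details": {
+ "license_validation": {
+ "license_type": "Proprietary with Open Components",
+ "compatibility": "Medium",
+ "issues": "Some proprietary limitations"
+ },
+ "security_assessment": {
+ "known_vulnerabilities": 5,
+ "patch_responsiveness": "Medium",
+ "last_security_review": "2024-03-18"
+ },
+ "maintenance_health": {
+ "active_contributors": 25,
+ "release_frequency": "Medium",
+ "issue_response_time": "5.8 days"
+ },
+ "dependency_management": {
+ "vulnerable_dependencies": 7,
+ "dependency_freshness": "Low",
+ "supply_chain_security": "Missing SBOM"
+ },
+ "regulatory_compliance": {
+ "documentation_quality": "Medium",
+ "data_privacy_features": "Low",
+ "audit_readiness": "Low"
+ }
+ }
+ }
+ }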
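--- a/assessment-results/text_generation_inference.json
+++ b/assessment-results/text_generation_inference.json
@@ -0,0 +1,50 @@
+ {
+ "assessment": {
+ "library_name": "huggingface/text-generation-inference",
+ "version": "v1.1.0",
+ "language": "Rust/Python",
+ "framework": "LLM Inference",
+ "completed_time": "2024-06-16T12:00:00Z",
+ "last_updated": "2024-06-16T12:00:00Z",
+ "active_maintenance": true,
+ "independently_verified": true,
+ "report_url": "https://github.com/LibVulnWatch/reports/raw/main/text_generation_inference.html",
+ "repository_url": "https://github.com/huggingface/text-generation-inference",
+ "github_stars": 5600,
+ "license": "Apache-2.0",
+ "scores": {
+ "license_validation": 3,
+ "security_assessment": 2,
+ "maintenance_health": 2,
+ "dependency_management": 1,
+ "regulatory_compliance": 1
+ },
+ "details": {
+ "license_validation": {
+ "license_type": "Apache-2.0",
+ "compatibility": "Medium",
+ "issues": "Some compatibility concerns"
+ },
+ "security_assessment": {
+ "known_vulnerabilities": 4,
+ "patch_responsiveness": "Medium",
+ "last_security_review": "2024-01-08"
+ },
+ "maintenance_health": {
+ "active_contributors": 12,
+ "release_frequency": "Low",
+ "issue_response_time": "7.2 days"
+ },
+ "dependency_management": {
+ "vulnerable_dependencies": 8,
+ "dependency_freshness": "Low",
+ "supply_chain_security": "Missing SBOM"
+ },
+ "regulatory_compliance": {
+ "documentation_quality": "Low",
+ "data_privacy_features": "Minimal",
+ "audit_readiness": "Low"
+ }
+ }
+ }
+ }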
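Review bot: `license_validation` is scored 3 here, with `"compatibility": "Medium"` and `"issues": "Some compatibility concerns"`, for a project whose `license` is `Apache-2.0`, while sglang.json in this same commit scores the same license 4 with `"compatibility": "High"` and `"issues": "None"`. Either the concern is specific to this project, in which case `issues` should name it so a reader can act on it, or the score and compatibility should match the other Apache-2.0 entries.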
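--- a/assessment-results/vllm_vllm.json
+++ b/assessment-results/vllm.json
@@ -1,16 +1,16 @@
  {
  "assessment": {
- "library_name": "vllm/vllm",
- "version": "v0.3.2",
- "language": "Python",
+ "library_name": "vllm-project/vllm",
+ "version": "v0.3.0",
+ "language": "Python/CUDA",
  "framework": "LLM Inference",
- "completed_time": "2024-06-17T12:00:00Z",
- "last_updated": "2024-06-17T12:00:00Z",
+ "completed_time": "2024-06-18T12:00:00Z",
+ "last_updated": "2024-06-18T12:00:00Z",
  "active_maintenance": true,
  "independently_verified": true,
- "report_url": "https://github.com/LibVulnWatch/reports/raw/main/vllm_vllm.html",
+ "report_url": "https://github.com/LibVulnWatch/reports/raw/main/vllm.html",
  "repository_url": "https://github.com/vllm-project/vllm",
- "github_stars": 19800,
+ "github_stars": 12800,
  "license": "Apache-2.0",
  "scores": {
  "license_validation": 4,
@@ -26,23 +26,23 @@
  "issues": "None"
  },
  "security_assessment": {
- "known_vulnerabilities": 1,
- "patch_responsiveness": "High",
- "last_security_review": "2024-02-28"
+ "known_vulnerabilities": 3,
+ "patch_responsiveness": "Medium",
+ "last_security_review": "2024-03-15"
  },
  "maintenance_health": {
- "active_contributors": 42,
+ "active_contributors": 22,
  "release_frequency": "Medium",
- "issue_response_time": "2.9 days"
+ "issue_response_time": "4.1 days"
  },
  "dependency_management": {
- "vulnerable_dependencies": 2,
- "dependency_freshness": "Good",
+ "vulnerable_dependencies": 7,
+ "dependency_freshness": "Low",
  "supply_chain_security": "Missing SBOM"
  },
  "regulatory_compliance": {
  "documentation_quality": "Low",
- "data_privacy_features": "Limited",
+ "data_privacy_features": "Minimal",
  "audit_readiness": "Low"
  }
  }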