基础信息
项目名称:JovianML/jovian-py
项目徽章:
仓库地址:https://github.com/pterodactyl/panel
检测报告地址:https://www.murphysec.com/console/report/1719268170401447936/1719268172561514496
此报告由Murphysec提供
漏洞列表
| 漏洞名称 | 漏洞类型 | MPS编号 | CVE编号 | 漏洞等级 |
|---|---|---|---|---|
| Ajv v6.12.2 输入验证错误漏洞 | MAID | MPS-2020-10525 | CVE-2020-15366 | 中危 |
| urllib3 注入漏洞 | 注入 | MPS-2020-13780 | CVE-2020-26137 | 中危 |
| jQuery 跨站脚本漏洞 | XSS | MPS-2020-15461 | CVE-2020-11023 | 中危 |
| jQuery 跨站脚本漏洞 | XSS | MPS-2020-15462 | CVE-2020-11022 | 中危 |
| CodeMirror | 拒绝服务 | MPS-2020-15782 | CVE-2020-7760 | 高危 |
| urllib3 library 资源管理错误漏洞 | 拒绝服务 | MPS-2020-3252 | CVE-2020-7212 | 高危 |
| url-parse | 跨站重定向 | MPS-2021-11194 | CVE-2021-3664 | 中危 |
| Jupyter Notebook 跨站脚本漏洞 | XSS | MPS-2021-16957 | CVE-2021-32798 | 严重 |
| url-parse | 相对路径遍历 | MPS-2021-2265 | CVE-2021-27515 | 中危 |
| nbconvert XSS漏洞 | XSS | MPS-2021-24622 | CVE-2021-32862 | 中危 |
| Abea Apostrophe Technologies sanitize-html 主机白名单绕过漏洞 | 对数据真实性的验证不充分 | MPS-2021-3423 | CVE-2021-26539 | 中危 |
| Abea Apostrophe Technologies sanitize-html 主机名注入漏洞 | 注入 | MPS-2021-3424 | CVE-2021-26540 | 中危 |
| marked 存在拒绝服务漏洞 | ReDoS | MPS-2021-37038 | CVE-2022-21680 | 高危 |
| marked 存在拒绝服务漏洞 | 过度严格的正则表达式 | MPS-2021-37039 | CVE-2022-21681 | 高危 |
| Interactive Python 安全漏洞 | 不安全的运行时授予权限 | MPS-2021-37057 | CVE-2022-21699 | 高危 |
| minimist 安全漏洞 | 原型污染 | MPS-2021-38405 | CVE-2021-44906 | 严重 |
| Andrey Sitnik postcss 拒绝服务漏洞 | 拒绝服务 | MPS-2021-4549 | CVE-2021-23368 | 中危 |
| postcss 存在正则表达式拒绝服务漏洞 | 拒绝服务 | MPS-2021-5409 | CVE-2021-23382 | 中危 |
| ws 存在拒绝服务漏洞 | 拒绝服务 | MPS-2021-7109 | CVE-2021-32640 | 中危 |
| urllib3 资源管理错误漏洞 | 拒绝服务 | MPS-2021-9054 | CVE-2021-33503 | 高危 |
| Moment.js 正则拒绝服务漏洞 | 拒绝服务 | MPS-2022-11159 | CVE-2022-31129 | 高危 |
| codemirror | 拒绝服务 | MPS-2022-13597 | 低危 | |
| marked | ReDoS | MPS-2022-13864 | 中危 | |
| sanitize-html 存在代码注入漏洞 | 代码注入 | MPS-2022-14021 | 严重 | |
| node-fetch 信息泄露漏洞 | 未授权敏感信息泄露 | MPS-2022-1461 | CVE-2022-0235 | 中危 |
| mistune 存在跨站脚本漏洞 | XSS | MPS-2022-14986 | 中危 | |
| pylint 存在拒绝服务漏洞 | 拒绝服务 | MPS-2022-15071 | 中危 | |
| pylint 存在代码注入漏洞 | 代码注入 | MPS-2022-15072 | 中危 | |
| pylint 存在拒绝服务漏洞 | 拒绝服务 | MPS-2022-15073 | 高危 | |
| Certifi 存在数据真实性验证不充分漏洞 | 对数据真实性的验证不充分 | MPS-2022-1918 | CVE-2022-23491 | 中危 |
| mistune 拒绝服务漏洞 | 拒绝服务 | MPS-2022-20161 | CVE-2022-34749 | 中危 |
| url-parse 存在访问限制绕过漏洞 | 通过用户控制密钥绕过授权机制 | MPS-2022-3327 | CVE-2022-0512 | 中危 |
| Jupyter Notebook 日志信息泄露漏洞 | 日志敏感信息泄露 | MPS-2022-3725 | CVE-2022-24758 | 高危 |
| Moment.js 路径遍历漏洞 | 路径遍历 | MPS-2022-3752 | CVE-2022-24785 | 中危 |
| url-parse | 通过用户控制密钥绕过授权机制 | MPS-2022-4297 | CVE-2022-0639 | 中危 |
| NPM url-parse授权绕过漏洞 | 通过用户控制密钥绕过授权机制 | MPS-2022-4464 | CVE-2022-0686 | 严重 |
| Url-parse | 通过用户控制密钥绕过授权机制 | MPS-2022-4474 | CVE-2022-0691 | 严重 |
| sanitize-html 拒绝服务漏洞 | ReDoS | MPS-2022-5170 | CVE-2022-25887 | 高危 |
| Python 安全漏洞 | ReDoS | MPS-2022-57240 | CVE-2022-40899 | 高危 |
| minimatch 资源管理错误漏洞 | 拒绝服务 | MPS-2022-59845 | CVE-2022-3517 | 高危 |
| Jupyter Notebook 代码问题漏洞 | 对搜索路径元素未加控制 | MPS-2022-60830 | CVE-2022-39286 | 高危 |
| Tauri 原型污染漏洞 | 原型污染 | MPS-2022-65568 | CVE-2022-46175 | 高危 |
| Jupyter Notebook 安全漏洞 | 直接请求(强制性浏览) | MPS-2022-8639 | CVE-2022-29238 | 中危 |
| cross-fetch 安全漏洞 | 授权检查错误 | MPS-2022-8877 | CVE-2022-1365 | 中危 |
| Interactive Python 操作系统命令注入漏洞 | OS命令注入 | MPS-2023-3322 | CVE-2023-24816 | 高危 |
| urllib3 安全漏洞 | MPS-46py-nxai | CVE-2023-45803 | 中危 | |
| Tornado 输入验证错误漏洞 | 跨站重定向 | MPS-84aj-mebq | CVE-2023-28370 | 中危 |
| Certifi 数据伪造问题漏洞 | 对数据真实性的验证不充分 | MPS-ck78-r6zg | CVE-2023-37920 | 严重 |
| Requests Proxy-Authorization 标头泄露漏洞 | 未授权敏感信息泄露 | MPS-hr61-tzey | CVE-2023-32681 | 中危 |
| urllib3 HTTP重定向信息泄露漏洞 | 未授权敏感信息泄露 | MPS-s0oy-afbw | CVE-2023-43804 | 高危 |
| PostCSS 安全漏洞 | 注入 | MPS-y3tx-jzms | CVE-2023-44270 | 中危 |
缺陷组件
| 组件名称 | 版本 | 最小修复版本 | 依赖关系 | 修复建议 |
|---|---|---|---|---|
| urllib3 | 1.25.3 | 1.26.18 | 间接依赖 | 建议修复 |
| certifi | 2018.8.24 | 2023.7.22 | 间接依赖 | 建议修复 |
| sphinx | 2.2.0 | 3.0.4 | 间接依赖 | 建议修复 |
| minimatch | 3.0.4 | 3.0.5 | 间接依赖 | 建议修复 |
| pylint | 2.3.1 | 2.7.0 | 间接依赖 | 建议修复 |
| json5 | 2.1.3 | 2.2.2 | 间接依赖 | 建议修复 |
| jupyter-core | 4.6.3 | 4.11.2 | 间接依赖 | 建议修复 |
| minimist | 1.2.5 | 1.2.6 | 间接依赖 | 建议修复 |
| ipython | 7.8.0 | 8.10.0 | 间接依赖 | 建议修复 |
| sanitize-html | 1.20.1 | 2.7.1 | 间接依赖 | 建议修复 |
| requests | 2.22.0 | 2.31.0 | 间接依赖 | 建议修复 |
| notebook | 6.1.5 | 6.4.12 | 间接依赖 | 建议修复 |
| url-parse | 1.4.7 | 1.5.9 | 间接依赖 | 建议修复 |
| codemirror | 5.49.2 | 5.58.2 | 间接依赖 | 建议修复 |
| marked | 0.8.2 | 4.0.10 | 间接依赖 | 可选修复 |
| mistune | 0.8.4 | 2.0.3 | 间接依赖 | 可选修复 |
| moment | 2.24.0 | 2.29.4 | 间接依赖 | 可选修复 |
| node-fetch | 2.6.1 | 2.6.7 | 间接依赖 | 可选修复 |
| ws | 7.2.3 | 7.4.6 | 间接依赖 | 可选修复 |
| tornado | 6.0.3 | 6.3.2 | 间接依赖 | 可选修复 |
| ajv | 6.12.1 | 6.12.3 | 间接依赖 | 可选修复 |
| nbconvert | 5.6.1 | 6.3 | 间接依赖 | 可选修复 |
| postcss | 7.0.27 | 8.4.31 | 间接依赖 | 可选修复 |
| future | 0.17.1 | 0.18.3 | 间接依赖 | 可选修复 |
许可证风险
| 许可证类型 | 相关组件 | 许可证风险 |
|---|---|---|
| MIT | 112 | 低 |
| BSD-3-Clause | 48 | 低 |
| BSD-2-Clause | 9 | 低 |
| 自定义许可证 | 34 | 低 |
| ISC | 10 | 低 |
| Apache-2.0 | 16 | 低 |
| LGPL-2.1-or-later | 1 | 低 |
| GPL-2.0-or-later | 1 | 低 |
| MPL-2.0 | 1 | 低 |
| LGPL-3.0 | 1 | 中 |
| LGPL-3.0-or-later | 1 | 低 |
SBOM清单
| 组件名称 | 组件版本 | 是否直接依赖 | 仓库 |
|---|---|---|---|
| ansi-styles | 3.2.1 | 间接依赖 | npm |
| @lumino/collections | 1.2.3 | 间接依赖 | npm |
| ajv | 6.12.1 | 间接依赖 | npm |
| pull | 间接依赖 | pip | |
| ANY | 间接依赖 | pip | |
| @jupyterlab/outputarea | 2.1.0 | 间接依赖 | npm |
| regexp.prototype.flags | 1.3.0 | 间接依赖 | npm |
| Pygments | 2.7.4 | 间接依赖 | pip |
| csstype | 2.6.9 | 间接依赖 | npm |
| domhandler | 2.4.2 | 间接依赖 | npm |
| wrapt | 1.11.2 | 间接依赖 | pip |
| purge_config | 间接依赖 | pip | |
| pkginfo | 1.5.0.1 | 间接依赖 | pip |
| uuid | 1.30 | 间接依赖 | pip |
| Jinja2 | 2.11.3 | 间接依赖 | pip |
| snowballstemmer | 1.9.1 | 间接依赖 | pip |
| @jupyterlab/attachments | 2.1.0 | 间接依赖 | npm |
| sphinxcontrib-htmlhelp | 1.0.2 | 间接依赖 | pip |
| is-date-object | 1.0.2 | 间接依赖 | npm |
| rimraf | 2.7.1 | 直接依赖 | npm |
| domutils | 1.7.0 | 间接依赖 | npm |
| xtend | 4.0.2 | 间接依赖 | npm |
| codemirror | 5.49.2 | 间接依赖 | npm |
| Click | 7.0 | 间接依赖 | pip |
| @jupyterlab/ui-components | 2.1.0 | 间接依赖 | npm |
| node-gyp-build | 3.7.0 | 间接依赖 | npm |
| terminado | 0.8.3 | 间接依赖 | pip |
| wcwidth | 0.1.7 | 间接依赖 | pip |
| sphinxcontrib-serializinghtml | 1.1.3 | 间接依赖 | pip |
| stevedore | 1.31.0 | 间接依赖 | pip |
| @jupyterlab/apputils | 2.1.0 | 间接依赖 | npm |
| pytz | 2019.2 | 间接依赖 | pip |
| path-is-absolute | 1.0.1 | 间接依赖 | npm |
| twine | 1.15.0 | 间接依赖 | pip |
| has-flag | 3.0.0 | 间接依赖 | npm |
| marked | 0.8.2 | 间接依赖 | npm |
| TestCase | 间接依赖 | pip | |
| future | 0.17.1 | 间接依赖 | pip |
| js-tokens | 4.0.0 | 间接依赖 | npm |
| Sphinx | 2.2.0 | 间接依赖 | pip |
| livereload | 2.6.1 | 间接依赖 | pip |
| object-keys | 1.1.1 | 间接依赖 | npm |
| inflight | 1.0.6 | 间接依赖 | npm |
| backcall | 0.1.0 | 间接依赖 | pip |
| supports-color | 5.5.0 | 间接依赖 | npm |
| @lumino/widgets | 1.11.1 | 间接依赖 | npm |
| mccabe | 0.6.1 | 间接依赖 | pip |
| fake_creds | 间接依赖 | pip | |
| sphinxcontrib-devhelp | 1.0.1 | 间接依赖 | pip |
| readme-renderer | 24.0 | 间接依赖 | pip |
| path-posix | 1.0.0 | 间接依赖 | npm |
| escape-string-regexp | 1.0.5 | 间接依赖 | npm |
| @lumino/properties | 1.1.6 | 间接依赖 | npm |
| resize-observer-polyfill | 1.5.1 | 间接依赖 | npm |
| call | 间接依赖 | pip | |
| entities | 1.1.2 | 间接依赖 | npm |
| readable-stream | 3.6.0 | 间接依赖 | npm |
| popper.js | 1.16.1 | 间接依赖 | npm |
| @lumino/commands | 1.10.1 | 间接依赖 | npm |
| pluggy | 0.13.1 | 间接依赖 | pip |
| pyparsing | 2.4.2 | 间接依赖 | pip |
| get_current_user | 间接依赖 | pip | |
| requests | 2.22.0 | 间接依赖 | pip |
| creds_exist | 间接依赖 | pip | |
| idna | 2.8 | 间接依赖 | pip |
| @lumino/application | 1.8.4 | 间接依赖 | npm |
| @jupyterlab/statedb | 2.1.0 | 间接依赖 | npm |
| git | 间接依赖 | pip | |
| pytest-xdist | 1.31.0 | 间接依赖 | pip |
| number-is-nan | 1.0.1 | 间接依赖 | npm |
| sphinxcontrib-jsmath | 1.0.1 | 间接依赖 | pip |
| json5 | 2.1.3 | 间接依赖 | npm |
| pathtools | 0.1.2 | 间接依赖 | pip |
| @jupyterlab/docregistry | 2.1.0 | 间接依赖 | npm |
| lodash.escaperegexp | 4.1.2 | 间接依赖 | npm |
| brace-expansion | 1.1.11 | 间接依赖 | npm |
| typed-ast | 1.4.0 | 间接依赖 | pip |
| util-deprecate | 1.0.2 | 间接依赖 | npm |
| once | 1.4.0 | 间接依赖 | npm |
| ensure_org | 间接依赖 | pip | |
| dom-helpers | 3.4.0 | 间接依赖 | npm |
| zipp | 0.6.0 | 间接依赖 | pip |
| isort | 4.3.21 | 间接依赖 | pip |
| clone | 间接依赖 | pip | |
| punycode | 2.1.1 | 间接依赖 | npm |
| @types/prop-types | 15.7.3 | 间接依赖 | npm |
| @fortawesome/fontawesome-free | 5.13.0 | 间接依赖 | npm |
| pexpect | 4.7.0 | 间接依赖 | pip |
| @lumino/disposable | 1.3.5 | 间接依赖 | npm |
| @lumino/domutils | 1.1.7 | 间接依赖 | npm |
| watchdog | 0.9.0 | 间接依赖 | pip |
| Send2Trash | 1.5.0 | 间接依赖 | pip |
| torch | 间接依赖 | pip | |
| read_cred | 间接依赖 | pip | |
| MarkupSafe | 1.1.1 | 间接依赖 | pip |
| srcset | 1.0.0 | 间接依赖 | npm |
| MockResponse | 间接依赖 | pip | |
| astroid | 2.2.5 | 间接依赖 | pip |
| webencodings | 0.5.1 | 间接依赖 | pip |
| lodash.clonedeep | 4.5.0 | 间接依赖 | npm |
| chalk | 2.4.2 | 间接依赖 | npm |
| read_api_key_opt | 间接依赖 | pip | |
| WINDOWS | 间接依赖 | pip | |
| bumpversion | 0.5.3 | 间接依赖 | pip |
| node-fetch | 2.6.1 | 间接依赖 | npm |
| sphinx-rtd-theme | 0.4.3 | 间接依赖 | pip |
| lazy-object-proxy | 1.4.2 | 间接依赖 | pip |
| apipkg | 1.5 | 间接依赖 | pip |
| sphinxcontrib-qthelp | 1.0.2 | 间接依赖 | pip |
| @jupyterlab/codeeditor | 2.1.0 | 间接依赖 | npm |
| keras | 间接依赖 | pip | |
| @blueprintjs/core | 3.25.0 | 间接依赖 | npm |
| restructuredtext-lint | 1.3.0 | 间接依赖 | pip |
| @jupyterlab/cells | 2.1.0 | 间接依赖 | npm |
| LINUX | 间接依赖 | pip | |
| imagesize | 1.1.0 | 间接依赖 | pip |
| @jupyterlab/notebook | 2.1.0 | 直接依赖 | npm |
| importlib-metadata | 1.3.0 | 间接依赖 | pip |
| @jupyterlab/codemirror | 2.1.0 | 间接依赖 | npm |
| react-lifecycles-compat | 3.0.4 | 间接依赖 | npm |
| pylint | 2.3.1 | 间接依赖 | pip |
| sanitize-html | 1.20.1 | 间接依赖 | npm |
| @jupyterlab/rendermime | 2.1.0 | 间接依赖 | npm |
| fast-deep-equal | 3.1.1 | 间接依赖 | npm |
| parso | 0.5.1 | 间接依赖 | pip |
| mock | 间接依赖 | pip | |
| jupyter-client | 6.1.3 | 间接依赖 | pip |
| typescript | 3.7.5 | 直接依赖 | npm |
| @blueprintjs/icons | 3.15.0 | 间接依赖 | npm |
| coverage | 5.0.1 | 间接依赖 | pip |
| classnames | 2.2.6 | 间接依赖 | npm |
| object-assign | 4.1.1 | 间接依赖 | npm |
| lodash.mergewith | 4.6.2 | 间接依赖 | npm |
| array-uniq | 1.0.3 | 间接依赖 | npm |
| @jupyterlab/filebrowser | 2.1.0 | 间接依赖 | npm |
| six | 1.12.0 | 间接依赖 | pip |
| appnope | 0.1.0 | 间接依赖 | pip |
| port-for | 0.3.1 | 间接依赖 | pip |
| react | 16.9.0 | 间接依赖 | npm |
| @lumino/algorithm | 1.2.3 | 间接依赖 | npm |
| dom4 | 2.1.5 | 间接依赖 | npm |
| moment | 2.24.0 | 间接依赖 | npm |
| lodash.escape | 4.0.1 | 间接依赖 | npm |
| certifi | 2018.8.24 | 间接依赖 | pip |
| uri-js | 4.2.2 | 间接依赖 | npm |
| @lumino/messaging | 1.3.3 | 间接依赖 | npm |
| argh | 0.26.2 | 间接依赖 | pip |
| object-is | 1.1.2 | 间接依赖 | npm |
| @lumino/signaling | 1.3.5 | 间接依赖 | npm |
| ipython-genutils | 0.2.0 | 间接依赖 | pip |
| @types/dom4 | 2.0.1 | 间接依赖 | npm |
| ptyprocess | 0.6.0 | 间接依赖 | pip |
| balanced-match | 1.0.0 | 间接依赖 | npm |
| pbr | 5.4.3 | 间接依赖 | pip |
| doc8 | 0.8.0 | 间接依赖 | pip |
| postcss | 7.0.27 | 间接依赖 | npm |
| @jupyterlab/observables | 3.1.0 | 间接依赖 | npm |
| typestyle | 2.1.0 | 间接依赖 | npm |
| is-regex | 1.0.5 | 间接依赖 | npm |
| scheduler | 0.15.0 | 间接依赖 | npm |
| @types/react | 16.9.34 | 间接依赖 | npm |
| commonmark | 0.9.0 | 间接依赖 | pip |
| jupyter | 1.0.0 | 间接依赖 | pip |
| string_decoder | 1.3.0 | 间接依赖 | npm |
| @lumino/virtualdom | 1.6.1 | 间接依赖 | npm |
| tslib | 1.10.0 | 间接依赖 | npm |
| recommonmark | 0.5.0 | 间接依赖 | pip |
| lodash.isstring | 4.0.1 | 间接依赖 | npm |
| autopep8 | 1.4.4 | 间接依赖 | pip |
| htmlparser2 | 3.10.1 | 间接依赖 | npm |
| free-style | 3.1.0 | 间接依赖 | npm |
| @babel/runtime | 7.9.2 | 间接依赖 | npm |
| WEBAPP_URL_KEY | 间接依赖 | pip | |
| create-react-context | 0.3.0 | 间接依赖 | npm |
| @jupyterlab/services | 5.1.0 | 间接依赖 | npm |
| pickleshare | 0.7.5 | 间接依赖 | pip |
| execnet | 1.7.1 | 间接依赖 | pip |
| prometheus-client | 0.7.1 | 间接依赖 | pip |
| @jupyterlab/rendermime-interfaces | 2.1.0 | 间接依赖 | npm |
| is-arguments | 1.0.4 | 间接依赖 | npm |
| url-parse | 1.4.7 | 间接依赖 | npm |
| mistune | 0.8.4 | 间接依赖 | pip |
| sphinx | 2.2.0 | 间接依赖 | pip |
| @blueprintjs/select | 3.12.1 | 间接依赖 | npm |
| deep-equal | 1.1.1 | 间接依赖 | npm |
| pathlib2 | 2.3.5 | 间接依赖 | pip |
| loose-envify | 1.4.0 | 间接依赖 | npm |
| prompt-toolkit | 2.0.9 | 间接依赖 | pip |
| testpath | 0.4.4 | 间接依赖 | pip |
| notebook | 6.1.5 | 间接依赖 | pip |
| react-popper | 1.3.7 | 间接依赖 | npm |
| docutils | 0.15.2 | 间接依赖 | pip |
| json-schema-traverse | 0.4.1 | 间接依赖 | npm |
| @jupyterlab/application | 2.1.0 | 直接依赖 | npm |
| gud | 1.0.0 | 间接依赖 | npm |
| react-dom | 16.9.0 | 间接依赖 | npm |
| python-dateutil | 2.8.1 | 间接依赖 | pip |
| nbformat | 5.0.6 | 间接依赖 | pip |
| sphinx-sitemap | 2.1.0 | 间接依赖 | pip |
| color-convert | 1.9.3 | 间接依赖 | npm |
| @lumino/keyboard | 1.1.6 | 间接依赖 | npm |
| domelementtype | 1.3.1 | 间接依赖 | npm |
| write_creds | 间接依赖 | pip | |
| requires-port | 1.0.0 | 间接依赖 | npm |
| pockets | 0.7.2 | 间接依赖 | pip |
| click | 7.0 | 间接依赖 | pip |
| Babel | 2.7.0 | 间接依赖 | pip |
| sphinx-autobuild | 0.7.1 | 间接依赖 | pip |
| bleach | 3.3.0 | 间接依赖 | pip |
| lodash.isplainobject | 4.0.6 | 间接依赖 | npm |
| MACOS | 间接依赖 | pip | |
| pyzmq | 19.0.1 | 间接依赖 | pip |
| tornado | 6.0.3 | 间接依赖 | pip |
| source-map | 0.6.1 | 间接依赖 | npm |
| _h | 间接依赖 | pip | |
| pytest | 5.3.2 | 间接依赖 | pip |
| prop-types | 15.7.2 | 间接依赖 | npm |
| pycodestyle | 2.5.0 | 间接依赖 | pip |
| nbconvert | 5.6.1 | 间接依赖 | pip |
| @jupyterlab/coreutils | 4.1.0 | 间接依赖 | npm |
| api | 间接依赖 | pip | |
| traitlets | 4.3.2 | 间接依赖 | pip |
| py | 1.10.0 | 间接依赖 | pip |
| react-transition-group | 2.9.0 | 间接依赖 | npm |
| jsonschema | 3.2.0 | 间接依赖 | pip |
| entrypoints | 0.3 | 间接依赖 | pip |
| regenerator-runtime | 0.13.5 | 间接依赖 | npm |
| ws | 7.2.3 | 间接依赖 | npm |
| querystringify | 2.1.1 | 间接依赖 | npm |
| utf-8-validate | 5.0.2 | 直接依赖 | npm |
| pytest-cov | 2.8.1 | 间接依赖 | pip |
| @lumino/polling | 1.1.1 | 间接依赖 | npm |
| bufferutil | 4.0.1 | 直接依赖 | npm |
| glob | 7.1.6 | 间接依赖 | npm |
| chardet | 3.0.4 | 间接依赖 | pip |
| ipython | 7.8.0 | 间接依赖 | pip |
| @jupyterlab/docmanager | 2.1.0 | 间接依赖 | npm |
| more-itertools | 8.0.2 | 间接依赖 | pip |
| tqdm | 4.36.1 | 间接依赖 | pip |
| warning | 4.0.3 | 间接依赖 | npm |
| fs.realpath | 1.0.0 | 间接依赖 | npm |
| @jupyterlab/nbformat | 2.1.0 | 间接依赖 | npm |
| ipykernel | 5.1.3 | 间接依赖 | pip |
| jedi | 0.15.1 | 间接依赖 | pip |
| get_guest_key | 间接依赖 | pip | |
| @lumino/dragdrop | 1.5.1 | 间接依赖 | npm |
| requests-toolbelt | 0.9.1 | 间接依赖 | pip |
| defusedxml | 0.6.0 | 间接依赖 | pip |
| fast-json-stable-stringify | 2.1.0 | 间接依赖 | npm |
| react-is | 16.13.1 | 间接依赖 | npm |
| jupyter-core | 4.6.3 | 间接依赖 | pip |
| minimist | 1.2.5 | 间接依赖 | npm |
| normalize.css | 8.0.1 | 间接依赖 | npm |
| @jupyterlab/statusbar | 2.1.0 | 间接依赖 | npm |
| pyrsistent | 0.16.0 | 间接依赖 | pip |
| jovian | 间接依赖 | pip | |
| sphinxcontrib-napoleon | 0.7 | 间接依赖 | pip |
| opencollective-postinstall | 2.0.2 | 间接依赖 | npm |
| wrappy | 1.0.2 | 间接依赖 | npm |
| attrs | 19.1.0 | 间接依赖 | pip |
| @lumino/coreutils | 1.4.2 | 间接依赖 | npm |
| pyyaml | 5.4 | 间接依赖 | pip |
| pandocfilters | 1.4.2 | 间接依赖 | pip |
| concat-map | 0.0.1 | 间接依赖 | npm |
| minimatch | 3.0.4 | 间接依赖 | npm |
| dom-serializer | 0.2.2 | 间接依赖 | npm |
| typed-styles | 0.0.7 | 间接依赖 | npm |
| @jupyterlab/settingregistry | 2.1.0 | 间接依赖 | npm |
| urllib3 | 1.25.3 | 间接依赖 | pip |
| sphinxcontrib-applehelp | 1.0.1 | 间接依赖 | pip |
| decorator | 4.4.0 | 间接依赖 | pip |
| pytest-forked | 1.1.3 | 间接依赖 | pip |
| inherits | 2.0.4 | 间接依赖 | npm |
| packaging | 19.1 | 间接依赖 | pip |
| rope | 0.14.0 | 间接依赖 | pip |
| alabaster | 0.7.12 | 间接依赖 | pip |