Home/mindspore/Trust report

Trust and health report

mindspore - trust report

Sourced, dated trust signals - maintenance label posture, repository provenance, and security scan status. Not a composite safety grade.

GraphCanon updated today · GitHub synced today

Maintenance

Recency and activity heuristics from public GitHub metadata (maintenance label, momentum); methodology: github_public_v1.

Dormant18% signal

last push 712d ago

Provenance

Repository identity and fork provenance (github_public_v1).

Security scan

Dependency advisory security scan when a lockfile is present. Not a full code audit.

Status
103 low
Last scan
today
Scanner
osv@v1

Findings

GHSA-6p56-wp2h-9hxr
numpy@1.20.0 · requirements.txt
GHSA-fpfv-jqm9-f5jm
numpy@1.20.0 · requirements.txt
GHSA-7gcm-g887-7qv7
protobuf@3.13.0 · requirements.txt
GHSA-8gq9-2x98-w8hf
protobuf@3.13.0 · requirements.txt
GHSA-8qvm-5x2c-j2w7
protobuf@3.13.0 · requirements.txt
PYSEC-2022-48
protobuf@3.13.0 · requirements.txt
PYSEC-2026-1805
protobuf@3.13.0 · requirements.txt
PYSEC-2026-1806
protobuf@3.13.0 · requirements.txt
PYSEC-2026-899
protobuf@3.13.0 · requirements.txt
GHSA-3f63-hfp8-52jq
pillow@6.2.0 · requirements.txt
GHSA-3wvg-mj6g-m9cv
pillow@6.2.0 · requirements.txt
GHSA-3xv8-3j54-hgrp
pillow@6.2.0 · requirements.txt
GHSA-43fq-w8qq-v88h
pillow@6.2.0 · requirements.txt
GHSA-44wm-f244-xhp3
pillow@6.2.0 · requirements.txt
GHSA-4fx9-vc88-q2xc
pillow@6.2.0 · requirements.txt
GHSA-57h3-9rgr-c24m
pillow@6.2.0 · requirements.txt
GHSA-5gm3-px64-rw72
pillow@6.2.0 · requirements.txt
GHSA-7534-mm45-c74v
pillow@6.2.0 · requirements.txt
GHSA-77gc-v2xv-rvvh
pillow@6.2.0 · requirements.txt
GHSA-7r7m-5h27-29hp
pillow@6.2.0 · requirements.txt
GHSA-8843-m7mw-mxqm
pillow@6.2.0 · requirements.txt
GHSA-8ghj-p4vj-mr35
pillow@6.2.0 · requirements.txt
GHSA-8vj2-vxx3-667w
pillow@6.2.0 · requirements.txt
GHSA-8xjq-8fcg-g5hw
pillow@6.2.0 · requirements.txt
GHSA-95q3-8gr9-gm8w
pillow@6.2.0 · requirements.txt
GHSA-98vv-pw6r-q6q4
pillow@6.2.0 · requirements.txt
GHSA-9hx2-hgq2-2g4f
pillow@6.2.0 · requirements.txt
GHSA-9j59-75qj-795w
pillow@6.2.0 · requirements.txt
GHSA-cqhg-xjhh-p8hf
pillow@6.2.0 · requirements.txt
GHSA-f4w8-cv6p-x6r5
pillow@6.2.0 · requirements.txt
GHSA-f5g8-5qq7-938w
pillow@6.2.0 · requirements.txt
GHSA-g6rj-rv7j-xwp4
pillow@6.2.0 · requirements.txt
GHSA-hf64-x4gq-p99h
pillow@6.2.0 · requirements.txt
GHSA-hj69-c76v-86wr
pillow@6.2.0 · requirements.txt
GHSA-hjfx-8p6c-g7gx
pillow@6.2.0 · requirements.txt
GHSA-j7hp-h8jx-5ppr
pillow@6.2.0 · requirements.txt
GHSA-jgpv-4h4c-xhw3
pillow@6.2.0 · requirements.txt
GHSA-m2vv-5vj5-2hm7
pillow@6.2.0 · requirements.txt
GHSA-mvg9-xffr-p774
pillow@6.2.0 · requirements.txt
GHSA-p43w-g3c5-g5mq
pillow@6.2.0 · requirements.txt
GHSA-p49h-hjvm-jg3h
pillow@6.2.0 · requirements.txt
GHSA-pw3c-h7wp-cvhx
pillow@6.2.0 · requirements.txt
GHSA-q5hq-fp76-qmrc
pillow@6.2.0 · requirements.txt
GHSA-r73j-pqj5-w3x7
pillow@6.2.0 · requirements.txt
GHSA-r7rm-8j6h-r933
pillow@6.2.0 · requirements.txt
GHSA-rwv7-3v45-hg29
pillow@6.2.0 · requirements.txt
GHSA-vcqg-3p29-xw73
pillow@6.2.0 · requirements.txt
GHSA-vj42-xq3r-hr3r
pillow@6.2.0 · requirements.txt
GHSA-vqcj-wrf2-7v73
pillow@6.2.0 · requirements.txt
GHSA-wjx4-4jcj-g98j
pillow@6.2.0 · requirements.txt
GHSA-xrcv-f9gm-v42c
pillow@6.2.0 · requirements.txt
PYSEC-2020-172
pillow@6.2.0 · requirements.txt
PYSEC-2020-76
pillow@6.2.0 · requirements.txt
PYSEC-2020-77
pillow@6.2.0 · requirements.txt
PYSEC-2020-78
pillow@6.2.0 · requirements.txt
PYSEC-2020-79
pillow@6.2.0 · requirements.txt
PYSEC-2020-80
pillow@6.2.0 · requirements.txt
PYSEC-2020-81
pillow@6.2.0 · requirements.txt
PYSEC-2020-82
pillow@6.2.0 · requirements.txt
PYSEC-2020-83
pillow@6.2.0 · requirements.txt
PYSEC-2020-84
pillow@6.2.0 · requirements.txt
PYSEC-2021-137
pillow@6.2.0 · requirements.txt
PYSEC-2021-138
pillow@6.2.0 · requirements.txt
PYSEC-2021-139
pillow@6.2.0 · requirements.txt
PYSEC-2021-317
pillow@6.2.0 · requirements.txt
PYSEC-2021-331
pillow@6.2.0 · requirements.txt
PYSEC-2021-35
pillow@6.2.0 · requirements.txt
PYSEC-2021-36
pillow@6.2.0 · requirements.txt
PYSEC-2021-37
pillow@6.2.0 · requirements.txt
PYSEC-2021-38
pillow@6.2.0 · requirements.txt
PYSEC-2021-39
pillow@6.2.0 · requirements.txt
PYSEC-2021-40
pillow@6.2.0 · requirements.txt
PYSEC-2021-41
pillow@6.2.0 · requirements.txt
PYSEC-2021-42
pillow@6.2.0 · requirements.txt
PYSEC-2021-69
pillow@6.2.0 · requirements.txt
PYSEC-2021-70
pillow@6.2.0 · requirements.txt
PYSEC-2021-71
pillow@6.2.0 · requirements.txt
PYSEC-2021-92
pillow@6.2.0 · requirements.txt
PYSEC-2021-93
pillow@6.2.0 · requirements.txt
PYSEC-2021-94
pillow@6.2.0 · requirements.txt
PYSEC-2022-10
pillow@6.2.0 · requirements.txt
PYSEC-2022-168
pillow@6.2.0 · requirements.txt
PYSEC-2022-42979
pillow@6.2.0 · requirements.txt
PYSEC-2022-42980
pillow@6.2.0 · requirements.txt
PYSEC-2022-8
pillow@6.2.0 · requirements.txt
PYSEC-2022-9
pillow@6.2.0 · requirements.txt
PYSEC-2023-175
pillow@6.2.0 · requirements.txt
PYSEC-2023-227
pillow@6.2.0 · requirements.txt
PYSEC-2026-165
pillow@6.2.0 · requirements.txt
PYSEC-2026-1793
pillow@6.2.0 · requirements.txt
PYSEC-2026-1794
pillow@6.2.0 · requirements.txt
PYSEC-2026-457
pillow@6.2.0 · requirements.txt
PYSEC-2023-102
scipy@1.5.4 · requirements.txt
PYSEC-2023-114
scipy@1.5.4 · requirements.txt
GHSA-q799-q27x-vp7w
opencv-python@4.1.2.30 · requirements.txt
GHSA-qr4w-53vh-m672
opencv-python@4.1.2.30 · requirements.txt
PYSEC-2023-183
opencv-python@4.1.2.30 · requirements.txt
GHSA-jjw5-xxj6-pcv5
scikit-learn@0.14 · requirements.txt
GHSA-jw8x-6495-233v
scikit-learn@0.14 · requirements.txt
PYSEC-2020-107
scikit-learn@0.14 · requirements.txt
PYSEC-2020-108
scikit-learn@0.14 · requirements.txt
PYSEC-2024-110
scikit-learn@0.14 · requirements.txt
PYSEC-2020-73
pandas@1.0.2 · requirements.txt

Method and caveats:these are sourced, dated heuristics from public GitHub data and optional dependency scans. A status like "no criticals found on 2026-07-11" is not a guarantee of safety. Read the full trust methodology · JSON report at /api/graphcanon/tools/mindspore-ai-mindspore/trust.

Common questions

Is mindspore maintained?
GraphCanon rates mindspore "Dormant" (18% maintenance signal from public GitHub metadata, computed today). Last push was 712 days ago. This is a recency heuristic, not a guarantee the project will stay maintained.
Is mindspore safe to use?
Last scanned today (deps profile). Status: 103 low - 103 low finding(s) in the latest scan. GraphCanon does not claim the project is safe or vulnerability-free; review findings on the trust report. GraphCanon does not certify mindspore as safe - review maintenance, provenance, and scan findings on this page before adopting.
Is mindspore a fork?
No. mindspore is not flagged as a fork in GitHub metadata at the time of the last refresh.
Does mindspore have known security vulnerabilities?
Last scanned today (deps profile). Status: 103 low - 103 low finding(s) in the latest scan. GraphCanon does not claim the project is safe or vulnerability-free; review findings on the trust report.
How often is the mindspore trust report updated?
Trust signals refresh on GitHub ingest/refresh cycles and optional dependency/MCP scans. This report was computed today (methodology github_public_v1).
What does GraphCanon never claim about mindspore?
We never publish a composite safety grade, pen-test endorsement, or "verified secure" label for mindspore. Signals are sourced heuristics with explicit limits - see trust methodology.
How does GraphCanon assess trust for mindspore?
Signals are sourced from public GitHub metadata and optional dependency/MCP manifest scans, each tagged with methodology version and computed date. GraphCanon does not publish a composite safety grade. Read trust methodology for full scope and limits.