Home/nndeploy/Trust report

Trust and health report

nndeploy - trust report

Sourced, dated trust signals - maintenance label posture, repository provenance, and security scan status. Not a composite safety grade.

GraphCanon updated today · GitHub synced today

Maintenance

Recency and activity heuristics from public GitHub metadata (maintenance label, momentum); methodology: github_public_v1.

Steady60% signal

last push 80d ago · last release 3mo

Provenance

Repository identity and fork provenance (github_public_v1).

Security intelligence

Source-by-source security scan results from public intelligence providers. Missing, partial, or failed queries are shown explicitly and are not treated as clean.

OSV dependency advisories

Published findings
Last query
today
Scanner
osv@v1
Stored findings
98
View source evidence

deps.dev advisories

Not queried
Scanner
deps.dev@v1
View source evidence

OpenSSF Scorecard

Not queried
Scanner
openssf-scorecard@v1

Weekly public scans omit some checks at scale.

View source evidence

Dependency advisories (deduplicated)

GHSA-9hjg-9r4m-mvj7
requests@2.31.0 · osv@v1
requirements.txt
GHSA-9wx4-h78v-vm56
requests@2.31.0 · osv@v1
requirements.txt
GHSA-gc5v-m9x4-r6x2
requests@2.31.0 · osv@v1
requirements.txt
PYSEC-2026-1872
requests@2.31.0 · osv@v1
requirements.txt
PYSEC-2026-1873
requests@2.31.0 · osv@v1
requirements.txt
PYSEC-2026-2275
requests@2.31.0 · osv@v1
requirements.txt
PYSEC-2024-38
fastapi@0.104.0 · osv@v1
requirements.txt
GHSA-2jv5-9r88-3w3p
python-multipart@0.0.6 · osv@v1
requirements.txt
GHSA-59g5-xgcq-4qw3
python-multipart@0.0.6 · osv@v1
requirements.txt
GHSA-5rvq-cxj2-64vf
python-multipart@0.0.6 · osv@v1
requirements.txt
GHSA-6jv3-5f52-599m
python-multipart@0.0.6 · osv@v1
requirements.txt
GHSA-mj87-hwqh-73pj
python-multipart@0.0.6 · osv@v1
requirements.txt
GHSA-pp6c-gr5w-3c5g
python-multipart@0.0.6 · osv@v1
requirements.txt
GHSA-v9pg-7xvm-68hf
python-multipart@0.0.6 · osv@v1
requirements.txt
GHSA-vffw-93wf-4j4q
python-multipart@0.0.6 · osv@v1
requirements.txt
GHSA-wp53-j4wj-2cfg
python-multipart@0.0.6 · osv@v1
requirements.txt
PYSEC-2026-1850
python-multipart@0.0.6 · osv@v1
requirements.txt
PYSEC-2026-1851
python-multipart@0.0.6 · osv@v1
requirements.txt
PYSEC-2026-1852
python-multipart@0.0.6 · osv@v1
requirements.txt
PYSEC-2026-3036
python-multipart@0.0.6 · osv@v1
requirements.txt
PYSEC-2026-3037
python-multipart@0.0.6 · osv@v1
requirements.txt
PYSEC-2026-3038
python-multipart@0.0.6 · osv@v1
requirements.txt
PYSEC-2026-3039
python-multipart@0.0.6 · osv@v1
requirements.txt
PYSEC-2026-3040
python-multipart@0.0.6 · osv@v1
requirements.txt
PYSEC-2026-3041
python-multipart@0.0.6 · osv@v1
requirements.txt
GHSA-mr82-8j83-vxmv
pydantic@2.0.0 · osv@v1
requirements.txt
PYSEC-2026-1812
pydantic@2.0.0 · osv@v1
requirements.txt
GHSA-3749-ghw9-m3mg
torch@2.0.0 · osv@v1
requirements.txt
GHSA-53q9-r3pm-6pq6
torch@2.0.0 · osv@v1
requirements.txt
GHSA-5pcm-hx3q-hm94
torch@2.0.0 · osv@v1
requirements.txt
GHSA-887c-mr87-cxwp
torch@2.0.0 · osv@v1
requirements.txt
GHSA-c678-jfcj-6jmf
torch@2.0.0 · osv@v1
requirements.txt
GHSA-f4hp-rmr7-r7v8
torch@2.0.0 · osv@v1
requirements.txt
GHSA-pg7h-5qx3-wjr3
torch@2.0.0 · osv@v1
requirements.txt
GHSA-qfhq-4f3w-5fph
torch@2.0.0 · osv@v1
requirements.txt
GHSA-rrmf-rvhw-rf47
torch@2.0.0 · osv@v1
requirements.txt
GHSA-vgrw-7cvw-pwgx
torch@2.0.0 · osv@v1
requirements.txt
GHSA-x3gm-94wq-g975
torch@2.0.0 · osv@v1
requirements.txt
PYSEC-2024-250
torch@2.0.0 · osv@v1
requirements.txt
PYSEC-2024-251
torch@2.0.0 · osv@v1
requirements.txt
PYSEC-2024-252
torch@2.0.0 · osv@v1
requirements.txt
PYSEC-2024-259
torch@2.0.0 · osv@v1
requirements.txt
PYSEC-2025-191
torch@2.0.0 · osv@v1
requirements.txt
PYSEC-2025-198
torch@2.0.0 · osv@v1
requirements.txt
PYSEC-2025-203
torch@2.0.0 · osv@v1
requirements.txt
PYSEC-2025-204
torch@2.0.0 · osv@v1
requirements.txt
PYSEC-2025-205
torch@2.0.0 · osv@v1
requirements.txt
PYSEC-2025-206
torch@2.0.0 · osv@v1
requirements.txt
PYSEC-2025-207
torch@2.0.0 · osv@v1
requirements.txt
PYSEC-2025-208
torch@2.0.0 · osv@v1
requirements.txt
PYSEC-2025-209
torch@2.0.0 · osv@v1
requirements.txt
PYSEC-2025-41
torch@2.0.0 · osv@v1
requirements.txt
PYSEC-2026-139
torch@2.0.0 · osv@v1
requirements.txt
PYSEC-2026-1970
torch@2.0.0 · osv@v1
requirements.txt
PYSEC-2026-2286
torch@2.0.0 · osv@v1
requirements.txt
GHSA-3r9x-f23j-gc73
onnx@1.16.0 · osv@v1
requirements.txt
GHSA-538c-55jv-c5g9
onnx@1.16.0 · osv@v1
requirements.txt
GHSA-6rq9-53c3-f7vj
onnx@1.16.0 · osv@v1
requirements.txt
GHSA-cmw6-hcpp-c6jp
onnx@1.16.0 · osv@v1
requirements.txt
GHSA-h36j-8vv3-cj52
onnx@1.16.0 · osv@v1
requirements.txt
GHSA-hqmj-h5c6-369m
onnx@1.16.0 · osv@v1
requirements.txt
GHSA-hwpq-hmq9-wj77
onnx@1.16.0 · osv@v1
requirements.txt
GHSA-p433-9wv8-28xj
onnx@1.16.0 · osv@v1
requirements.txt
GHSA-q56x-g2fj-4rj6
onnx@1.16.0 · osv@v1
requirements.txt
PYSEC-2025-10
onnx@1.16.0 · osv@v1
requirements.txt
PYSEC-2025-148
onnx@1.16.0 · osv@v1
requirements.txt
PYSEC-2026-103
onnx@1.16.0 · osv@v1
requirements.txt
PYSEC-2026-104
onnx@1.16.0 · osv@v1
requirements.txt
PYSEC-2026-2239
onnx@1.16.0 · osv@v1
requirements.txt
PYSEC-2026-2240
onnx@1.16.0 · osv@v1
requirements.txt
PYSEC-2026-2241
onnx@1.16.0 · osv@v1
requirements.txt
PYSEC-2026-2689
onnx@1.16.0 · osv@v1
requirements.txt
GHSA-29pf-2h5f-8g72
transformers@4.51.0 · osv@v1
requirements.txt
GHSA-37mw-44qp-f5jm
transformers@4.51.0 · osv@v1
requirements.txt
GHSA-4w7r-h757-3r74
transformers@4.51.0 · osv@v1
requirements.txt
GHSA-59p9-h35m-wg4g
transformers@4.51.0 · osv@v1
requirements.txt
GHSA-69w3-r845-3855
transformers@4.51.0 · osv@v1
requirements.txt
GHSA-9356-575x-2w9m
transformers@4.51.0 · osv@v1
requirements.txt
GHSA-fgcw-684q-jj6r
transformers@4.51.0 · osv@v1
requirements.txt
GHSA-phhr-52qp-3mj4
transformers@4.51.0 · osv@v1
requirements.txt
GHSA-rcv9-qm8p-9p6j
transformers@4.51.0 · osv@v1
requirements.txt
PYSEC-2025-211
transformers@4.51.0 · osv@v1
requirements.txt
PYSEC-2025-212
transformers@4.51.0 · osv@v1
requirements.txt
PYSEC-2025-213
transformers@4.51.0 · osv@v1
requirements.txt
PYSEC-2025-214
transformers@4.51.0 · osv@v1
requirements.txt
PYSEC-2025-215
transformers@4.51.0 · osv@v1
requirements.txt
PYSEC-2025-216
transformers@4.51.0 · osv@v1
requirements.txt
PYSEC-2025-217
transformers@4.51.0 · osv@v1
requirements.txt
PYSEC-2025-218
transformers@4.51.0 · osv@v1
requirements.txt
PYSEC-2026-1977
transformers@4.51.0 · osv@v1
requirements.txt
PYSEC-2026-1980
transformers@4.51.0 · osv@v1
requirements.txt
PYSEC-2026-1981
transformers@4.51.0 · osv@v1
requirements.txt
PYSEC-2026-1983
transformers@4.51.0 · osv@v1
requirements.txt
PYSEC-2026-1986
transformers@4.51.0 · osv@v1
requirements.txt
PYSEC-2026-1988
transformers@4.51.0 · osv@v1
requirements.txt
PYSEC-2026-2288
transformers@4.51.0 · osv@v1
requirements.txt
PYSEC-2026-2289
transformers@4.51.0 · osv@v1
requirements.txt
PYSEC-2026-2290
transformers@4.51.0 · osv@v1
requirements.txt

Method and caveats: these are sourced, dated heuristics from public GitHub data and external security intelligence providers. A status like "no published findings from this source" is not a guarantee of safety. Read the full trust methodology · JSON report at /api/graphcanon/tools/nndeploy-nndeploy/trust.

Common questions

Is nndeploy maintained?
GraphCanon rates nndeploy "Steady" (60% maintenance signal from public GitHub metadata, computed today). Last push was 80 days ago. This is a recency heuristic, not a guarantee the project will stay maintained.
Is nndeploy safe to use?
Last scanned today (deps profile). Status: 98 low - 98 low finding(s) in the latest scan. GraphCanon does not claim the project is safe or vulnerability-free; review findings on the trust report. GraphCanon does not certify nndeploy as safe - review maintenance, provenance, and scan findings on this page before adopting.
Is nndeploy a fork?
No. nndeploy is not flagged as a fork in GitHub metadata at the time of the last refresh.
Does nndeploy have known security vulnerabilities?
Last scanned today (deps profile). Status: 98 low - 98 low finding(s) in the latest scan. GraphCanon does not claim the project is safe or vulnerability-free; review findings on the trust report.
How often is the nndeploy trust report updated?
Trust signals refresh on GitHub ingest/refresh cycles and optional dependency/MCP scans. This report was computed today (methodology github_public_v1).
What does GraphCanon never claim about nndeploy?
We never publish a composite safety grade, pen-test endorsement, or "verified secure" label for nndeploy. Signals are sourced heuristics with explicit limits - see trust methodology.
How does GraphCanon assess trust for nndeploy?
Signals are sourced from public GitHub metadata and optional dependency/MCP manifest scans, each tagged with methodology version and computed date. GraphCanon does not publish a composite safety grade. Read trust methodology for full scope and limits.

Was this helpful?

Anonymous feedback helps us improve pages and translations.