astral-sh/ruff · Security & risks
Authoritative risk signals for astral-sh/ruff — dependency CVEs (deps.dev), OpenSSF Scorecard, and GitHub Code Scanning. Not a substitute for your own security review.
Dependency CVEs (deps.dev)
0
Critical
0 direct
0
High
0 direct
0
Moderate
0
Deps scanned
0 direct
OpenSSF Scorecard · 5.8/10
- Branch-Protection—
- Dependency-Update-Tool0/10
- Security-Policy0/10
- SAST0/10
- Code-Review2/10
- Maintained10/10
- License10/10
- CI-Tests10/10
Ask AI about astral-sh/ruff
Grounded in the actual source code. Pick a starter question or write your own.
What does this repo do, in one paragraph?How would I get started using it?What are the main alternatives?Show me the entry point.
Or write your own question →Informational only. RepoPilot summarises public signals at the time of analysis; they can be incomplete or stale. Not professional, security, or legal advice.