View esptool on Snyk Open Source Advisor

Package Health Score

63 / 100

security
Security issues found
popularity
Popular
maintenance
Healthy
community
Active

Popularity

Popular

GitHub Stars: 5.32K
Forks: 1.34K
Contributors: 110

Direct Usage Popularity

Based on project statistics from the GitHub repository for the PyPI package esptool, we found that it has been starred 5,315 times.

Security

Security issues found

Security and license risk for latest version

Release Date: Dec 14, 2023
Direct Vulnerabilities: 0
C
0
H
1
M
0
L
Indirect Vulnerabilities: 0
C
0
H
0
M
0
L
License Risk: 1
H
0
M
0
L

All security vulnerabilities belong to production dependencies of direct and indirect packages.

License

GPL-2.0

Non-Permissive License

We noticed that this project uses a license which requires less permissive conditions such as disclosing the source code, stating changes or redistributing the source under the same license. It is advised to further consult the license terms before use.

Security Policy

We found a way for you to contribute to the project! Looks like esptool is missing a security policy.

Snyk detected that the latest version of esptool has a security vulnerability.

We highly advise you to review these security issues.

You can connect your project's repository to Snyk to stay up to date on security alerts and receive automatic fix pull requests.

Fix it in your project with Snyk!

Maintenance

Healthy

Commit Frequency

Open Issues: 24
Open PR: 3
Last Release: 5 months ago
Last Commit: 10 days ago

Further analysis of the maintenance status of esptool based on released PyPI versions cadence, the repository activity, and other data points determined that its maintenance is Healthy.

We found that esptool demonstrates a positive version release cadence with at least one new version released in the past 12 months.

As a healthy sign for on-going project maintenance, we found that the GitHub repository had at least 1 pull request or issue interacted with by the community.

Community

Active

Readme: Yes
Contributing.md: Yes
Code of Conduct: No
Contributors: 110
Funding: No

A good and healthy external contribution signal for esptool project, which invites more than one hundred open source maintainers to collaborate on the repository.

We found a way for you to contribute to the project! Looks like esptool is missing a Code of Conduct.

Embed Package Health Score Badge

Keep your project healthy

Check your requirements.txt

Ensure all the packages you're using are healthy and well-maintained

Snyk Vulnerability Scanner

Get health score & security insights directly in your IDE

Package

Python Versions Compatibility: >=3.7

Age: 8 years
Latest Release: 2 months ago
Dependencies: N/A
Versions: 50
Maintainers: 2
Wheels: No

Not sure how to use esptool?

To help you get started, we've collected the most common ways that esptool is being used within popular public projects.

espressif / esptool / espefuse.py View on Github

if offset &gt;= num_bytes:
        raise RuntimeError("Invalid offset: Key block only holds %d bytes." % num_bytes)
    if len(data) &gt; num_bytes - offset:
        raise RuntimeError("Data will not fit: Key block size %d bytes, data file is %d bytes" % (num_bytes, len(data)))
    if efuses.coding_scheme == CODING_SCHEME_34:
        if offset % 6 != 0:
            raise RuntimeError("Device has 3/4 Coding Scheme. Can only write at offsets which are a multiple of 6.")
        if len(data) % 6 != 0:
            raise RuntimeError("Device has 3/4 Coding Scheme. Can only write data lengths which are a multiple of 6 (data is %d bytes)" % len(data))

    efuse = [e for e in efuses if e.register_name == args.block.upper()][0]

    if not args.force_write_always and \
       efuse.get_raw() != b'\x00' * num_bytes:
        raise esptool.FatalError("Efuse block already has values written.")

    if efuses.coding_scheme == CODING_SCHEME_NONE:
        pad = offset % 4
        if pad != 0:  # left-pad to a word boundary
            data = (b'\x00' * pad) + data
            offset -= pad
        pad = len(data) % 4
        if pad != 0:  # right-pad to a word boundary
            data += (b'\x00' * (4 - pad))
        words = struct.unpack("&lt;" + "I" * (len(data) // 4), data)
        word_offset = offset // 4
    else:  # CODING_SCHEME_34
        words = efuse.apply_34_encoding(data)
        word_offset = (offset // 6) * 2

    confirm("Burning efuse %s (%s) with %d bytes of data at offset %d in the block" % (efuse.register_name, efuse.description, len(data), offset), args)

View more ways to use esptool

FAQs

What is esptool?

A serial utility to communicate & flash code to Espressif chips. Visit Snyk Advisor to see a full health score report for esptool, including popularity, security, maintenance & community analysis.

Is esptool popular?

The python package esptool receives a total of 42,726 weekly downloads. As such, esptool popularity was classified as a popular. Visit the popularity section on Snyk Advisor to see the full health analysis.

Is esptool well maintained?

We found that esptool demonstrated a healthy version release cadence and project activity. It has a community of 110 open source contributors collaborating on the project. See the full package health analysis to learn more about the package maintenance status.

Is esptool safe to use?

Security issues were found while scanning the latest version of esptool, and a total of 1 vulnerabilities were detected. It is highly advised to conduct a security review before using this package. View the full security scan results.

Last updated on 8 May-2024, at 12:20 (UTC).

Build a secure application checklist

Select a recommended open source package

Minimize your risk by selecting secure & well maintained open source packages

DONE

Scan your app for vulnerabilities

Scan your application to find vulnerabilities in your: source code, open source dependencies, containers and configuration files

SCAN NOW

Fix identified vulnerabilities

Easily fix your code by leveraging automatically generated PRs

AUTO FIX

Monitor for new issues

New vulnerabilities are discovered every day. Get notified if your application is affected

MONITOR APP

esptool

A serial utility to communicate & flash code to Espressif chips. For more information about how to use this package see README

Ensure you're using the healthiest python packages

Package Health Score

Popularity

Direct Usage Popularity

Security

Security and license risk for latest version

Non-Permissive License

Maintenance

Commit Frequency

Community

Embed Package Health Score Badge

Keep your project healthy

Check your requirements.txt

Snyk Vulnerability Scanner

Package

Not sure how to use esptool?

esptool.py

Documentation

Contributing

FAQs

What is esptool?

Is esptool popular?

Is esptool well maintained?

Is esptool safe to use?

Build a secure application checklist

Select a recommended open source package

Scan your app for vulnerabilities

Fix identified vulnerabilities

Monitor for new issues

Package Health Score

Direct Usage Popularity

Security and license risk for latest version

Commit Frequency

Embed Package Health Score Badge

Keep your project healthy

Check your requirements.txt

Snyk Vulnerability Scanner

Not sure how to use esptool?

esptool.py

Documentation

Contributing

FAQs

What is esptool?

Is esptool popular?

Is esptool well maintained?

Is esptool safe to use?

Build a secure application checklist

Select a recommended open source package

Scan your app for vulnerabilities

Source Code

Open Source

Container

Config

Fix identified vulnerabilities

Monitor for new issues