capy
Version: 0.7.0Encrypt your .env. Sync it across your team. Ship it anywhere.
What is "capy"?
Encrypt your .env. Sync it across your team. Ship it anywhere.
How to use this package
Quick install
Installs the package into the current environment for this session. Use --build or --runtime to persist it as a build-time or runtime dependency.
min add capyDeclare as a task dependency in minimal.toml
Listing the package under tasks.<name>.packages makes it available inside that task’s sandbox.
[tasks.dev]
packages = ["capy"]Build-time vs runtime
Choose build-time for tools needed during compilation, runtime for dynamic libraries loaded at runtime.
min add --build capy
min add --runtime capyDependencies (6)
Dependency changes
Loading diff…
Could not load the dependency diff for one of the selected versions. Try again.
No dependency changes
The two selected versions have identical direct dependencies.
| Name | Version | Kind |
|---|
No dependants
No other packages in the registry depend on this one.
No direct advisories
This package inherits 11 transitive advisories from its dependencies.
Showing 11 transitive advisories via capy's dependencies
No advisories match the current filters.
| Critical ( 1 ) | ||||||
| Status | IDs | Package | Severity | |||
|---|---|---|---|---|---|---|
| Under investigation | glibc | Critical: 9.8 | ||||
SummaryCalling the scanf family of functions with a %mc (malloc'd character match) in the GNU C Library version 2.7 to version 2.43 with a format width specifier with an explicit width greater than 1024 could result in a one byte heap buffer overflow. ViaAffected ranges2.42 – 2.43 CVSS vectorCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | ||||||
| High ( 7 ) | ||||||
| Status | IDs | Package | Severity | |||
| Under investigation | glibc | High: 7.5 | ||||
SummaryCalling the ungetwc function on a FILE stream with wide characters encoded in a character set that has overlaps between its single byte and multi-byte character encodings, in the GNU C Library version 2.43 or earlier, may result in an attempt to read bytes before an allocated buffer, potentially resulting in unintentional disclosure of neighboring data in the heap, or a program crash. A bug in the wide character pushback implementation (_IO_wdefault_pbackfail in libio/wgenops.c) causes ungetwc() to operate on the regular character buffer (fp->_IO_read_ptr) instead of the actual wide-stream read pointer (fp->_wide_data->_IO_read_ptr). The program crash may happen in cases where fp->_IO_read_ptr is not initialized and hence points to NULL. The buffer under-read requires a special situation where the input character encoding is such that there are overlaps between single byte representations and multibyte representations in that encoding, resulting in spurious matches. The spurious match case is not possible in the standard Unicode character sets. ViaAffected ranges2.42 – 2.43 CVSS vectorCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H | ||||||
| Under investigation | glibc | High: 7.5 | ||||
SummaryThe iconv() function in the GNU C Library versions 2.43 and earlier may crash due to an assertion failure when converting inputs from the IBM1390 or IBM1399 character sets, which may be used to remotely crash an application. This vulnerability can be trivially mitigated by removing the IBM1390 and IBM1399 character sets from systems that do not need them. ViaAffected ranges2.42 – 2.43 CVSS vectorCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H | ||||||
| Under investigation | glibc | High: 7.5 | ||||
SummaryCalling gethostbyaddr or gethostbyaddr_r with a configured nsswitch.conf that specifies the library's DNS backend in the GNU C Library version 2.34 to version 2.43 could, with a crafted response from the configured DNS server, result in a violation of the DNS specification that causes the application to treat a non-answer section of the DNS response as a valid answer. ViaAffected ranges2.42 – 2.43 CVSS vectorCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H | ||||||
| Fix unavailable | pcre2 | High | ||||
SummaryHeap-buffer-overflow in pcre2_compile_32 Affected ranges10.47 References | ||||||
| Affected: 3.6.3 | openssl | High: 7.5 | ||||
SummaryNo summary published for this advisory. Affected ranges3.6.0 – 3.6.3 CVSS vectorCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H References
| ||||||
| Resolved in 7.9.0* | node-lts | High: 7.5 | ||||
Summarynpm packing does not respect root-level ignore files in workspaces ViaAffected ranges7.9.0*, fixed in 7.9.0* Fixed in7.9.0* CVSS vectorCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N References
| ||||||
| Resolved in 0df65d82dbc41e8da00adb243de5918db532c8a6 | openssl | High | ||||
SummaryHeap-buffer-overflow in asn1_ex_i2c Affected ranges0df65d82dbc41e8da00adb243de5918db532c8a6, fixed in 0df65d82dbc41e8da00adb243de5918db532c8a6 Fixed in0df65d82dbc41e8da00adb243de5918db532c8a6 References | ||||||
| Medium ( 1 ) | ||||||
| Status | IDs | Package | Severity | |||
| Under investigation | glibc | Medium: 5.4 | ||||
SummaryCalling gethostbyaddr or gethostbyaddr_r with a configured nsswitch.conf that specifies the library's DNS backend in the GNU C library version 2.34 to version 2.43 could result in an invalid DNS hostname being returned to the caller in violation of the DNS specification. ViaAffected ranges2.42 – 2.43 CVSS vectorCVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N | ||||||
| Low ( 0 ) | ||||||
| Status | IDs | Package | Severity | |||
| Unknown ( 2 ) | ||||||
| Status | IDs | Package | Severity | |||
| Under investigation | pcre2 | Unknown | ||||
Summarypcre2_serialize_encode() information disclosure Affected ranges10.45 – 10.47 | ||||||
| Resolved in 1fc9175166fc5c5117838a1dcfb309b7c595eb56 | file | Unknown | ||||
SummaryUNKNOWN WRITE in regcomp Affected ranges1fc9175166fc5c5117838a1dcfb309b7c595eb56, fixed in 1fc9175166fc5c5117838a1dcfb309b7c595eb56 Fixed in1fc9175166fc5c5117838a1dcfb309b7c595eb56 References | ||||||
66 components
No components match your filter.
| Packages | Version |
|---|---|
| capy ROOT | 0.7.0 |
| acl | 2.3.2 |
| attr | 2.5.2 |
| autoconf | 2.73 |
| automake | 1.18.1 |
| bash | 5.3 |
| bash-bootstrap | 5.3 |
| binutils | 2.46.1 |
| bison | 3.8.2 |
| bzip2 | 1.0.8 |
| c-ares | 1.34.6 |
| ca-certificates | |
| cmake | 4.2.3 |
| coreutils | 9.11 |
| curl | 8.20.0 |
| diffutils | 3.12 |
| expat | 2.7.5 |
| file | 5.47 |
| findutils | 4.10.0 |
| flex | 2.6.4 |
| gawk | 5.4.0 |
| gawk-bootstrap | 5.3.2 |
| gcc | 15.2.0 |
| gdbm | 1.26 |
| gettext | 1.0 |
| git | 2.54.0 |
| glibc | 2.43 |
| gmp | 6.3.0 |
| grep | 3.12 |
| gtest | 1.17.0 |
| gzip | 1.14 |
| icu | 78.3 |
| libcap | 2.78 |
| libffi | 3.5.2 |
| libidn2 | 2.3.8 |
| libpsl | 0.21.5 |
| libtool | 2.5.4 |
| libunistring | 1.4.2 |
| libuv | 1.52.1 |
| linux_headers | 6.12.43 |
| lz4 | 1.10.0 |
| m4 | 1.4.21 |
| make | 4.4.1 |
| meson | 1.10.1 |
| mpc | 1.4.0 |
| mpfr | 4.2.2 |
| ncurses | 6.5-20250830 |
| nghttp2 | 1.68.1 |
| nghttp3 | 1.15.0 |
| ngtcp2 | 1.22.1 |
| ninja | 1.13.2 |
| node-lts | 24.14.1 |
| openssl | 3.6.3 |
| pcre2 | 10.47 |
| perl | 5.42.0 |
| pkgconf | 2.5.1 |
| python | 3.14.5 |
| readline | 8.3 |
| sed | 4.9 |
| setuptools | 82.0.1 |
| sqlite | 3.50.4 |
| tar | 1.35 |
| util-linux | 2.42.1 |
| xz | 5.8.3 |
| zlib | 1.3.2 |
| zstd | 1.5.7 |