Pillow logo

Pillow

#804 · by python-pillow
visionimage-understandingOCR
3.24/ 5.00
trustedBeta
Mar 3, 2026 at 7:21 AM6 signals analysed100 commits (90d)No manual reviews · fully automated
Trust Signal Breakdown
high3 sub-signals across 6 dimensions

CVEs, dependency health, and supply chain integrity

3 of 3 sub-signals with data

Known CVEs40%2.9

61 CVE(s) found — 0 unpatched

via OSV.dev

Dependency Health30%4.0

26 dependencies (low)

via npm / PyPI

Supply Chain30%4.8

15 transitive CVEs found (penalty: -0.25)

via npm provenance

Uptime, latency, error rates, and incident history

0 of 0 sub-signals with data

Commit recency, release cadence, issue response, CI/CD

0 of 0 sub-signals with data

Downloads, stars, dependents, and growth trajectory

0 of 0 sub-signals with data

License, documentation, security policy, changelog

0 of 0 sub-signals with data

Track record, org maturity, community standing

0 of 0 sub-signals with data

About this score
Scored across 3 sub-signals in 6 dimensionsScoring engine v1 (beta) — actively being expandedPhase 1: Core sub-signal architecture (live)Phase 2: Permission scope & expanded collection (in progress)
Trust AssessmentAI Assessment

Modern fork of the Python Imaging Library providing image processing capabilities including format conversion, filtering, enhancement, and drawing operations.

Package Availability (30d)
100.00%
p50: 101ms · p99: 111ms
Avg Latency
97ms
averaged across 30d health checks
Weekly Downloads
73.0M
PyPI weekly
Transparency & Compliance3/6 passed
Open Source CodePublic repository on GitHub
OSI LicenseNo recognized open-source license
DocumentationREADME with examples/code blocks
SECURITY.mdNo security policy found
API DocumentationOpenAPI spec or docs directory found
Model / System CardNo model card found
Incidents & Alertslast 90 days
Mar 1Trust score decreased by 0.583.24
Feb 25Critical CVE detected — patched in v10.2.03.52
Feb 25Trust score increased by 2.533.52
Feb 23pillow added to Trust Index0.99
Feb 23112 known CVE(s) detected in dependencies0.99
Showing 5 of 5 events
Score History4 snapshots
5.003.752.501.250.00
Feb 23Mar 1
Community & Ecosystemadoption signals
73.0M
Weekly Downloads
PyPI
100
Commits (90d)
Pillow
10
Releases
avg 86d apart
Supply Chain & Dependenciestrust chain
arro3-compute
pypi · *
arro3-core
pypi · *
check-manifest
pypi · *
coverage
pypi · >=7.4.2; extra == "tests"
defusedxml
pypi · *
furo
pypi · *
Showing 6 of 22 dependencies
Data Sources6 indexed
OSV.devCVE database · vulnerability scanning for npm & PyPI packages
GitHub APICommits, issues, releases, repo metadata, transparency checks
npm RegistryPackage metadata, weekly downloads, maintainers, dependencies
PyPIPackage metadata, weekly downloads, dependency tree
HTTP Health Checks15-min pings · uptime, latency, status monitoring
PyPI StatsDownload statistics and trends
Version Historyscore per release
VERSIONRELEASEDSCOREDELTA
12.1.1Feb 11, 20263.52
12.1.0Jan 2, 20263.52
12.0.0Oct 15, 20253.52
11.3.0Jul 1, 20253.52
11.2.1Apr 12, 20253.52
11.1.0Jan 2, 20253.52
Showing 6 of 10 releases

Are you the publisher?

Claim this profile to unlock deeper evaluation, real-time monitoring,
and trust signals that help agents discover your service.

Share this Trust Score

Generate a scorecard image optimised for X, LinkedIn and other social platforms.

⬇ Download Score Card