{ "info": { "author": "Hewlett Packard Enterprise Development LP", "author_email": "oneview-redfish-toolkit@hpe.com", "bugtrack_url": null, "classifiers": [ "Environment :: Web Environment", "Intended Audience :: Information Technology", "Intended Audience :: System Administrators", "License :: OSI Approved :: Apache Software License", "Operating System :: POSIX :: Linux", "Programming Language :: Python", "Programming Language :: Python :: 2", "Programming Language :: Python :: 2.7", "Programming Language :: Python :: 3", "Programming Language :: Python :: 3.3", "Programming Language :: Python :: 3.4", "Programming Language :: Python :: 3.5" ], "description": "[![Waffle.io - Columns and their card count](https://badge.waffle.io/HewlettPackard/oneview-redfish-toolkit.svg?columns=Ready,In%20Progress,Under%20Review)](https://waffle.io/HewlettPackard/oneview-redfish-toolkit) [![Build Status](https://travis-ci.org/HewlettPackard/oneview-redfish-toolkit.svg?branch=master)](https://travis-ci.org/HewlettPackard/oneview-redfish-toolkit) [![Coverage Status](https://coveralls.io/repos/github/HewlettPackard/oneview-redfish-toolkit/badge.svg?branch=master)](https://coveralls.io/github/HewlettPackard/oneview-redfish-toolkit?branch=master)\n\n# HPE OneView Redfish Toolkit\n\nThis toolkit provides a REST service to answer [DMTF's Redfish](https://www.dmtf.org/standards/redfish) compliant requests by querying HPE OneView.\n\nHPE OneView is a fresh approach to converged infrastructure management, inspired by the way you expect to work, with a single integrated view of your IT infrastructure.\n\nDMTF's Redfish is an open industry standard specification and schema that specifies a RESTful interface and utilizes JSON and OData to help customers integrate solutions within their existing tool chains.\n\n\n\n# Getting started\n\n## Requirements\n\n* **To install the application:**\n * Ubuntu 16.04 (standard server install works fine)\n * Python >=3.5\n * pip >=18.1\n * setuptools >=40.6.3\n * OpenSSL >= 1.0.2g\n * Internet connectivity\n * **To run the application (and make it useful):**\n * HPE OneView 4.0 or later\n\n## Dependencies\nAll service dependencies (besides the ones listed under requirements above) will be automatically downloaded and installed as part of installing the service.\nA full list of dependencies is available at [requirements.txt](requirements.txt) file\n\n## Installing the application\n\n```bash\n$ pip install oneview-redfish-toolkit\n```\n\n## Offline Installation\n### Obtaining Oneview Redfish Toolkit and dependencies\nYou can download offline installer at [Releases page](https://github.com/HewlettPackard/oneview-redfish-toolkit/releases).\nOr you can download the toolkit from PyPI running this command:\n```bash\n$ pip download oneview-redfish-toolkit\n```\n### Installation\nCreate Python 3.5 virtual environment and activate it:\n```bash\n$ python3.5 -m venv \n$ source /bin/activate\n```\n\nUpdate pip and setuptools to the latest version:\n```bash\n$ pip install pip -U\n$ pip install setuptools -U\n```\n\nUnzip oneview-redfish-toolkit-installer:\n```bash\n$ unzip \n```\n\nRun pip install where the files are placed:\n```bash\n$ pip install /*\n```\n\n## Running the application\n\nThe first time the application is run, it will create all the needed configuration files under user's home directory. It will also prompt for the OneView IP that you wish to connect to the redfish toolkit. This can either be a single IP address, or a comma seperated list of IP addresses. The configuration is persisted in the `redfish.conf`.\n\nBelow is an example run that will add two different OneView instances to the Redfish service:\n```\n$ oneview-redfish-toolkit\nWelcome to oneview-redfish-toolkit. Please enter a comma separated list of OneView IPs you want to connect to.\nOneview IP(s): 192.168.3.100, 192.168.3.101\nUsing configuration file: /root/.config/oneview-redfish-toolkit/redfish.conf\nUsing logging configuration file: /root/.config/oneview-redfish-toolkit/logging.conf\noneview-redfish-toolkit service is now available at 0.0.0.0:5000\n```\n\nThe following files will be created:\n\n* $HOME/.config/oneview-redfish-toolkit/\n * redfish.conf\n * logging.conf\n * redfish.log\n * certs/\n\nThe `redfish.conf` and `logging.conf` are used to customize the service, but generally, don't need to be modified. The `certs` directory is used to place the retrieved OneView certificates when the Event Service is enabled.\n\n\n\n\nYou can customize the configuration files created under the user directory, or if you want to use your own custom configuration files you can pass them as arguments. If no arguments are passed, the application will use the ones on user directory:\n\n```bash\n$ oneview-redfish-toolkit --config redfish.conf --log-config logging.conf\n```\n\n\n\n# Additional information about the toolkit\n\n## Toolkit Configuration\n\nThe toolkit configuration resides on `redfish.conf` file. All required properties have default values that will work just fine. The only empty required property, OneView IP, will be prompted for user at the first execution and will update this file with inputed value. If OneView IP change or if you want add more OneViews you can manually update the property. In the same way you can edit the `redfish.conf` file to tuning other available properties.\n\nYou can check all properties listed below:\n\n* `redfish` section\n * **indent_json**: whether JSON objects on answers are indented or not\n * **xml_prettify**: whether XML objects on answers are indented or not\n\n * **redfish_host**: the IP address where redfish service will listen to. Using `host = 0.0.0.0` means it will listen to all IP addresses.\n\n * **redfish_port**: the TCP port where redfish service will listen to\n\n * **authentication_mode**: can be `conf` or `session`.\n * **`conf`**: credentials from the conf file will be used for the requests. The toolkit will handle authentication with OneView internally. This configuration is the only mode that supports [Event Service](#event-service-notes) and it's recommended for demo purposes only.\n * **`session`**: the Redfish client must create a session and use the generated `x-auth-token` for the requests. For more details please check Session Management section.\n\n* `redfish-composition` section\n * **PowerOffServerOnCompose**: enable or disable power off the server on composition. The default value used is **ForceOff** - an immediate (hard) shutdown. If not specified (blank value) no power off action will be performed.\n * **PowerOffServerOnDecompose**: enable or disable power off the server on decomposing a system. The default value used is **ForceOff** - an immediate (hard) shutdown. If not specified (blank value) no power off action will be performed. Other option can be **GracefulShutdown** - a normal (soft) power off.\n\n* `oneview_config` section\n\n * **ip**: HPE OneView's IP/FQDN address or comma separated list of OneView's IP/FQDN address for multiple instances.\n \n Oneview Redfish Toolkit now also includes support for multiple OneView instances, allowing a single instance of the service manage more than one OneView instance instead of instantiating a new service for each HPE OneView that is part of the solution. It simplifies for the Redfish client that does not need to handle multiple connections to the Redfish services.\n\n* `credentials` section\n\n * **username**: HPE OneView's username\n \n * **password**: HPE OneView's password\n\n * **authLoginDomain**: HPE OneView's authentication login domain. If not set, defaults to \"Local\".\n\n Note: HPE OneView credentials are used only for authentication_mode set to \"conf\". They are stored in clear-text. Make sure only authorized users can access this file. When handling multiple OneView instances, make sure all instances have this username/password enabled.\n\n* `event_service` section\n\n * **DeliveryRetryAttempts**: The value of this property shall be the number of retrys attempted for any given event to the subscription destination before the subscription is terminated.\n \n * **DeliveryRetryIntervalSeconds**: The value of this property shall be the interval in seconds between the retry attempts for any given event to the subscription destination.\n\n* `ssl` section\n\n * **SSLType**: select one of the options below. The default value used is **adhoc**.\n * **disabled**: no SSL. Flask will be used as the web server.\n * **adhoc**: SSL is enabled with self-signed keys generated by the server every time you start the server. Flask will be used as the web server.\n * **self-signed**: SSL is enabled with a self-signed cert generated in the certs directory if no files named self-signed.crt and self-signed.key exists in that directory. This will create the certificates on the first run and every time you delete the files and restart the server. The directory **certs must** exist in the system root directory) certs (SSL is enabled with keys provided by user in the fields below). Cherrypy will be used as the web server unless the toolkit is initialized in development and debug mode (arguments set \"--dev\" and \"--debug\"). In this case, Flask will be used as the web server.\n \n * **SSLCertFile**: The user SSL cert file.\n\n * **SSLKeyFile**: The user SSL key file. Should not have a password.\n\n* `ssl-cert-defaults` section: Defines the values used in the self-signed generated certificate\n\n * **countryName**: The name of the country. **Required!**\n \n * **stateOrProvinceName**: The name of the state or province. **Required!**\n\n * **localityName**: Name of the locality (city for example). **Required!**\n\n * **organizationName**: Name of the organization (company name for example). **Required!**\n \n * **organizationalUnitName**: Name of the organizational unit (department for example). **Required!**\n\n * **commonName**: FQDN of the server or it's IP address. If not provided will detect de default route IP and use it. **Optional.**\n \n * **emailAddress**: Email address to contact the responsible for this server/certificate. This is an optional information. Will not be added to certificate if not informed. **Optional.**\n\n* `cherrypy_config` section: See advanced CherryPy configuration [here](http://docs.cherrypy.org/en/latest/index.html)\n\n## Logging\n\nLogging configuration can be found in `logging.conf` file. The provided configuration enables INFO level at both console and file output, which will generate a `redfish.log`, `redfish_performance.log` and `redfish_ov_data.log` files at `$HOME/.config/oneview-redfish-toolkit/`.\n\nThe application has two extended logs, where all logs will be created on the same directory `$HOME/.config/oneview-redfish-toolkit/`:\n\n#### Performance logger\n\nFor each Redfish Toolkit API request the performance logger will log the elapsed time for each OneView SDK request triggered, the amount elapsed time for all OneView SDK requests, the overhead toolkit process elapsed time and the total elapsed time for the Redfish Toolkit API request. So we can monitoring the OneView performance and the redfish toolkit performance as well. It will be log on `redfish_performance.log` file once enabled on `logging.conf` by changing its level and the root log level as DEBUG. Log example:\n```\n2018-10-10 15:42:41,112 - perf - DEBUG - Thread 139974930331392 - OneView request: server_profile_templates.get: 0.02929878234\n2018-10-10 15:42:42,304 - perf - DEBUG - Thread 139974930331392 - OneView request: server_hardware.get_all: 0.03278422355\n2018-10-10 15:42:43,231 - perf - DEBUG - Thread 139974930331392 - OneView request: server_hardware.get_all: 0.03367638587\n2018-10-10 15:42:43,291 - perf - DEBUG - Thread 139974930331392 - OneView process: 0.09575939176\n2018-10-10 15:42:43,291 - perf - DEBUG - Thread 139974930331392 - Redfish process: 0.01273488998413086\n2018-10-10 15:42:43,294 - perf - DEBUG - Thread 139974930331392 - Total process: 0.10849428174\n```\n\n#### OneView Data logger\n\nThe OneView data logger will log the result for each OneView SDK request triggered. So we can check OneView data retrieved for each OneView SDK request. It will be log on `redfish_ov_data.log` file once enabled on `logging.conf` by changing its level and the root log level to DEBUG. Log example:\n```\n2018-10-10 15:42:43,230 - ovData - DEBUG - Thread 139974930331392 - Request to Oneview 'oneview.net', calling 'server_hardware.get_all' with args () and kwargs {}. Result: []\n```\n\n\n#### Enabling loggers\n\nYou can enable loggers `Performance`, `OneView Data` and others by setting its level and root logger level as DEBUG on the `logging.conf` file. For example:\n\n```\n[logger_root]\nlevel=DEBUG\n\n[logger_performance]\npropagate=0\nlevel=DEBUG\n...\n```\nYou can customize extended logs to have default entry logs as well. To do this add the extended loggers handlers to the root logger:\n```\n[logger_root]\nlevel=DEBUG\nhandlers=consoleHandler,defaultFileHandler,performanceFileHandler,oneviewDataFileHandler\n```\n\n### Development Environment\n\nIn order to run tests and documentation generation `tox` is also needed. General instructions on how to install are available [here](https://tox.readthedocs.io/en/latest/install.html).\n\nWe recommend to run inside a virtual environment. You can create one running:\n\n```bash\n$ virtualenv env_name_you_choose -p python3.5 # to create a Python3.5 environment, for example\n$ source env_name_you_choose/bin/activate # load the environment\n```\n\nOnce the environment is loaded, download and uncompress the latest version from [releases page](https://github.com/HewlettPackard/oneview-redfish-toolkit/releases), or clone current development version running:\n\n```bash\n$ git clone https://github.com/HewlettPackard/oneview-redfish-toolkit.git\n```\n\nThen, proceed with:\n\n```bash\n$ cd oneview-redfish-toolkit # enter the service folder\n# edit redfish.conf\n$ pip install -r requirements.txt # to install all requirements into the virtual environment\n$ ./run.sh # to launch the service\n```\n\n## SDK Documentation\n\nThe latest version of the SDK documentation can be found in the [SDK Documentation section](https://hewlettpackard.github.io/oneview-redfish-toolkit/index.html).\n\n> Note: This documentation has been manually updated following the steps found [here](https://github.com/HewlettPackard/python-hpOneView/blob/master/deploy.sh).\n\n## Session Management\n\nAs specified in the Redfish spec, the endpoints `/redfish` and `/redfish/v1` can be accessed unauthenticated, also POST to Sessions Collection (that's how a Redfish session can be established).\n\nTo create a Redfish session, the redfish client must authenticate himself using his own username and password sending a post request to `/redfish/v1/SessionService/Sessions`. Since current toolkit implementation delegates the session management to OneView, the Redfish client must pass a valid OneView user and password:\n\n```bash\ncurl -i -X POST \\\n -H \"Content-Type:application/json\" \\\n https://:5000/redfish/v1/SessionService/Sessions \\\n -d '{\"UserName\": \"administrator\", \"Password\": \"password\"}'\n```\nOne of the headers in the response is `X-Auth-Token` that should be send for all subsequent requests:\n\n```bash\ncurl -X GET \\\n -H \"X-Auth-Token: NzQ8ODI6MTcxOTkxRdvdtE-HaNeFgkoylkaQVA3l1uIsHxQ7\" \\\n https://:5000/redfish/v1/Systems\n```\nWhen handling multiple OneView instances, make sure all instances have this username/password enabled.\n\n\n## Event Service notes\n\nCurrent implementation follows Redfish specification [DSP0266 version 1.5.0](https://www.dmtf.org/sites/default/files/standards/documents/DSP0266_1.5.0.pdf). Event Service works only when authentication_mode is set to `conf` and does not support multiple OneView instances, hence it's not production ready. As it connects directly to HPE OneView SCMB, the toolkit will request OneView to generate SCMB certs and download the certs to the correct location. The certs file are: **oneview\\_ca**: OneView's CA cert file located at: `certs/oneview_ca.pem`. **scmb\\_cert**: OneView's SCMB Client cert file located at: `certs/oneview_scmb.pem`. **scmb\\_key**: OneView's SCMB Client key file located at: `certs/oneview_scmb.key`\n\n> In order to integrate properly with OneView, the OneView API 300 is required to be supported by OneView instance.\n\nOnly alerts and events related to enclosures, racks and server hardware are being monitored and will generate the following Redfish events: ResourceAdded, ResourceUpdated and ResourceRemoved.\n\n## Composition Service\n\nCurrent implementation follows Redfish specification [DSP2050 version 1.0.0](https://www.dmtf.org/sites/default/files/standards/documents/DSP2050_1.0.0.pdf) and does not use any OEM (vendor specific) attributes. One of the biggest challenges of adding composability support was to identify what type of Resource Blocks that should be available since full composability is not available due to limitations in the current specification. A first approach leveraging OneView server profile templates was proposed and evaluated with Redfish authors. With this proposal each OneView server profile template maps to Redfish Resource Zones that may list three types of resource blocks:\n*\t**Storage Resource Block**: each SAS drive from drive enclosures is mapped for a specific Resource Zone if the SAS storage controller is present in the server profile template. This block presents information about CapacityBytes, Protocol, and MediaType. Other storage types such as DAS and SAN disk are out of scope.\n*\t**Network Resource Block**: all connections (network and network sets) specified in the server profile template are mapped to Ethernet interfaces that are part of a Network Resource Block. This block presents information about network name, speedMbps, and VLANs.\n*\t**Computer System Resource Block**: each server that matches the server hardware type in the server profile template (Resource Zone) is mapped as a Computer System Resource Block. This block presents information about Processor (Model, MaxSpeedMHz, TotalCores) and Memory. The OneView Redfish service is responsible for making sure to list only Computer System Resource Blocks and Storage Resource Blocks that can be composed (located in the same Enclosure) for a specific Resource Zone. This is a different model than OneView, so extra validation was implemented rather than relying on the OneView server profile API directly.\n\nOn a Compose request, the Redfish client must select one Computer System Resource Block, one Network Resource Block, and as many Storage Resource Blocks as desired from the available Resource Blocks on the selected Resource Zone. The required attributes in the compose request are specified in the Capabilities Object. A server profile will be created leveraging the server profile template as identified in the POST request. Each Storage Resource Block (SAS drive) will be configured as external logical JBOD (logical drives are out of scope).\n\n**Important**: To have the Composition Service functional, the administrator must create OneView server profile templates in advance. To allow Storage Resource Blocks in composition requests via the OneView Redfish service, the SAS storage controller should be configured, however, no drives should be added in the template (they will be assigned to the profile on the composition request).\n\n## Contributing\n\nYou know the drill. Fork it, branch it, change it, commit it, and pull-request it. We are passionate about improving this project, and are glad to accept help to make it better. However, keep the following in mind:\n\nWe reserve the right to reject changes that we feel do not fit the scope of this project. For feature additions, please open an issue to discuss your ideas before doing the work.\n\n## Feature Requests\n\nIf you have a need not being met by the current implementation, please let us know (via a new issue). This feedback is crucial for us to deliver a useful product. Do not assume that we have already thought of everything, because we assure you that is not the case.\n\n## Testing\n\nWe have already packaged everything you need to do to verify if the code is passing the tests. The tox script wraps the unit tests execution against Python 3, flake8 validation, and the test coverage report generation.\n\nRun the following command:\n\n```\n$ tox\n```\n\n## License\n\nThis project is licensed under the Apache License 2.0.", "description_content_type": "text/markdown", "docs_url": null, "download_url": "https://github.com/HewlettPackard/oneview-redfish-toolkit/tarball/0.4.0", "downloads": { "last_day": -1, "last_month": -1, "last_week": -1 }, "home_page": "https://github.com/HewlettPackard/oneview-redfish-toolkit", "keywords": "", "license": "'Apache License 2.0'", "maintainer": "", "maintainer_email": "", "name": "oneview-redfish-toolkit", "package_url": "https://pypi.org/project/oneview-redfish-toolkit/", "platform": "", "project_url": "https://pypi.org/project/oneview-redfish-toolkit/", "project_urls": { "Download": "https://github.com/HewlettPackard/oneview-redfish-toolkit/tarball/0.4.0", "Homepage": "https://github.com/HewlettPackard/oneview-redfish-toolkit" }, "release_url": "https://pypi.org/project/oneview-redfish-toolkit/0.4.0/", "requires_dist": null, "requires_python": ">=3.5", "summary": "'This toolkit provides a REST service to answer DMTF\\'s Redfish compliant requests by querying HPE OneView.'", "version": "0.4.0", "yanked": false, "yanked_reason": null }, "last_serial": 8595364, "releases": { "0.3.0": [ { "comment_text": "", "digests": { "md5": "9e9e3e34037c59451f38139fc1991fda", "sha256": "66bb7bd6ae0a5e6dea2ef0928733a2eb80665313e7189df10da09f232e08d8ab" }, "downloads": -1, "filename": "oneview-redfish-toolkit-0.3.0.tar.gz", "has_sig": false, "md5_digest": "9e9e3e34037c59451f38139fc1991fda", "packagetype": "sdist", "python_version": "source", "requires_python": null, "size": 990296, "upload_time": "2018-10-16T21:36:19", "upload_time_iso_8601": "2018-10-16T21:36:19.639618Z", "url": "https://files.pythonhosted.org/packages/f9/fd/2f90c9e0018c0f0df920d352c2ab75c4af6880e014f33b065449f18cf067/oneview-redfish-toolkit-0.3.0.tar.gz", "yanked": false, "yanked_reason": null } ], "0.3.1": [ { "comment_text": "", "digests": { "md5": "3ee67921544a3c281a8c1e326c056503", "sha256": "8454e8473cf046d5d0a7e750ea170dfd842b1af9114c8bec55897a65733c8dfc" }, "downloads": -1, "filename": "oneview-redfish-toolkit-0.3.1.tar.gz", "has_sig": false, "md5_digest": "3ee67921544a3c281a8c1e326c056503", "packagetype": "sdist", "python_version": "source", "requires_python": null, "size": 993105, "upload_time": "2018-10-18T19:05:02", "upload_time_iso_8601": "2018-10-18T19:05:02.094444Z", "url": "https://files.pythonhosted.org/packages/74/66/779d93ccef327191ab63a9c34c061a0b97a5f7ba7aaf51cd668e281aad1e/oneview-redfish-toolkit-0.3.1.tar.gz", "yanked": false, "yanked_reason": null } ], "0.3.2": [ { "comment_text": "", "digests": { "md5": "a98d86b47895f1cb76b5d55851703228", "sha256": "51991d534110ad60a821fdd51eeeb0411a3085c28eb2f98aa206cad7542acdbf" }, "downloads": -1, "filename": "oneview-redfish-toolkit-0.3.2.tar.gz", "has_sig": false, "md5_digest": "a98d86b47895f1cb76b5d55851703228", "packagetype": "sdist", "python_version": "source", "requires_python": null, "size": 789754, "upload_time": "2018-12-14T12:48:35", "upload_time_iso_8601": "2018-12-14T12:48:35.444804Z", "url": "https://files.pythonhosted.org/packages/cc/89/d12343159842aca72a9de156df491aa405fb57ced54709e7b9bdd0c2cdf6/oneview-redfish-toolkit-0.3.2.tar.gz", "yanked": false, "yanked_reason": null } ], "0.3.3": [ { "comment_text": "", "digests": { "md5": "dc2090b0a305b2f0fd82183fed0cd70e", "sha256": "cdd2f349e3936ba55a0f99bda310b1f86689b636e58eba052049d99043683f93" }, "downloads": -1, "filename": "oneview-redfish-toolkit-0.3.3.1.tar.gz", "has_sig": false, "md5_digest": "dc2090b0a305b2f0fd82183fed0cd70e", "packagetype": "sdist", "python_version": "source", "requires_python": ">=3.5", "size": 796764, "upload_time": "2019-11-29T09:25:38", "upload_time_iso_8601": "2019-11-29T09:25:38.440200Z", "url": "https://files.pythonhosted.org/packages/a6/5f/48f5931b281832fd203ad1d630fe5c99a9f17947fbbd7b411018bd412d12/oneview-redfish-toolkit-0.3.3.1.tar.gz", "yanked": false, "yanked_reason": null } ], "0.4.0": [ { "comment_text": "", "digests": { "md5": "46e1d68b058aa67bcac56df4ef11b068", "sha256": "e9b68b75855192fd8ec17b901f797e9c5fb7a8f51d3dccb55da1c53f894ee8ad" }, "downloads": -1, "filename": "oneview-redfish-toolkit-0.4.0.tar.gz", "has_sig": false, "md5_digest": "46e1d68b058aa67bcac56df4ef11b068", "packagetype": "sdist", "python_version": "source", "requires_python": ">=3.5", "size": 797359, "upload_time": "2020-11-06T09:07:40", "upload_time_iso_8601": "2020-11-06T09:07:40.516372Z", "url": "https://files.pythonhosted.org/packages/09/2a/2186b5b710b7666278d7f4f74c1fb26eeaf84e88e61defc574070a27ceb2/oneview-redfish-toolkit-0.4.0.tar.gz", "yanked": false, "yanked_reason": null } ] }, "urls": [ { "comment_text": "", "digests": { "md5": "46e1d68b058aa67bcac56df4ef11b068", "sha256": "e9b68b75855192fd8ec17b901f797e9c5fb7a8f51d3dccb55da1c53f894ee8ad" }, "downloads": -1, "filename": "oneview-redfish-toolkit-0.4.0.tar.gz", "has_sig": false, "md5_digest": "46e1d68b058aa67bcac56df4ef11b068", "packagetype": "sdist", "python_version": "source", "requires_python": ">=3.5", "size": 797359, "upload_time": "2020-11-06T09:07:40", "upload_time_iso_8601": "2020-11-06T09:07:40.516372Z", "url": "https://files.pythonhosted.org/packages/09/2a/2186b5b710b7666278d7f4f74c1fb26eeaf84e88e61defc574070a27ceb2/oneview-redfish-toolkit-0.4.0.tar.gz", "yanked": false, "yanked_reason": null } ], "vulnerabilities": [] }