Http Message Signatures is used in Python projects. An implementation of the IETF HTTP Message Signatures draft standard It has 1 direct runtime dependency. Check its dependency graph on PyDeps to understand the full transitive dependency tree, reverse dependents, known CVEs, and license compatibility before installing.
An implementation of the IETF HTTP Message Signatures draft standard
http-message-signatures declares 1 direct runtime dependency on PyPI. Each one is resolved into the full dependency tree below:
Beyond its direct dependencies, http-message-signatures can pull in further packages through its dependency tree. PyDeps resolves the entire chain from PyPI and deps.dev so you can see every transitive (nested) dependency of http-message-signatures, expand any node on demand, and understand the full set of code that ships when you run pip install http-message-signatures.
PyDeps checks http-message-signatures and every package in its dependency tree against the OSV vulnerability database in real time. For each CVE you can see the severity, the affected version ranges, and the first fixed version, so you know exactly which http-message-signatures version is safe to install before you ship.
http-message-signatures is distributed under the Apache Software License. PyDeps also shows the license of every dependency in the tree so you can audit license compatibility across your whole http-message-signatures install, not just the top-level package.
Install from PyPI with pip install http-message-signatures. For offline or air-gapped environments, PyDeps can download http-message-signatures together with every resolved dependency as wheel files in a single bundle, matched to your target Python version and operating system.
Switch to the dependents view to see the reverse dependencies of http-message-signatures — the PyPI packages that list http-message-signatures as a requirement. Reverse dependencies are a strong signal of how widely a package is trusted and how disruptive a breaking change would be.