root/pypi: links for vulne