Tools / AdalFlow / Dependencies

Dependency Analysis

AdalFlow

Direct and transitive dependency freshness, license, and CVE exposure from the latest SBOM.

Security Export CSV

27% Freshness

473 Dependencies

292 Outdated

0 Stale

11.2 Avg Behind

Dependency List

Latest release v1.1.3

All 472 Outdated 347 Has CVE 50 GPL 4

Dependency	Type	Current	Latest	Behind	CVE	License
langchain-core pypi	Direct	0.2.43	1.4.0	142 behind	5 critical	MIT
litellm pypi	Direct	1.74.9.post1	1.88.0.dev1	118 behind	4 critical	LicenseRef-scancode-commercial-license AND LicenseRef-scancode-other-permissive AND MIT
mlflow pypi	Direct	3.1.4	3.13.0	35 behind	13 critical	Apache-2.0
langchain-community pypi	Direct	0.2.19	0.4.2	30 behind	2 critical	MIT
nltk pypi	Direct	3.9.1	3.9.4	3 behind	7 critical	Apache-2.0
jupyterlab pypi	Direct	4.4.5	4.5.7	26 behind	4 high	BSD-3-Clause AND MIT
mcp pypi	Direct	1.12.3	1.27.2	25 behind	1 high	MIT AND Python-2.0
notebook pypi	Direct	7.4.4	7.5.6	23 behind	2 high	BSD-3-Clause
protobuf pypi	Direct	5.29.5	7.35.0	22 behind	1 high	BSD-3-Clause AND LicenseRef-scancode-protobuf
langchain-text-splitters pypi	Direct	0.2.4	1.1.2	21 behind	2 high	MIT
starlette pypi	Direct	0.47.2	1.2.1	16 behind	1 high	BSD-2-Clause AND BSD-3-Clause
cryptography pypi	Direct	45.0.5	48.0.0	12 behind	3 high	Apache-2.0 OR BSD-3-Clause OR (Apache-2.0 AND BSD-3-Clause)
azure-core pypi	Direct	1.35.0	1.41.0	10 behind	1 high	LicenseRef-scancode-generic-cla AND MIT
black pypi	Direct	24.10.0	26.5.1	10 behind	1 high	MIT
python-multipart pypi	Direct	0.0.20	0.0.30	10 behind	3 high	Apache-2.0
orjson pypi	Direct	3.11.1	3.11.9	8 behind	1 high	Apache-2.0 AND MIT
aiohttp pypi	Direct	3.12.15	3.14.0	7 behind	18 high	Apache-2.0 AND MIT
gitpython pypi	Direct	3.1.45	3.1.50	5 behind	4 high	BSD-3-Clause
jupyter-server pypi	Direct	2.16.0	2.19.0	5 behind	4 high	BSD-3-Clause
tornado pypi	Direct	6.5.1	6.5.6	5 behind	3 high	Apache-2.0
urllib3 pypi	Direct	2.5.0	2.7.0	5 behind	3 high	MIT
nbconvert pypi	Direct	7.16.4	7.17.1	4 behind	3 high	BSD-2-Clause AND BSD-3-Clause
pillow pypi	Direct	11.3.0	12.2.0	4 behind	6 high	LicenseRef-scancode-secret-labs-2011 AND MIT-CMU
pyjwt pypi	Direct	2.10.1	2.13.0	4 behind	1 high	MIT
mistune pypi	Direct	3.1.3	3.2.1	3 behind	1 high	BSD-3-Clause
ujson pypi	Direct	5.10.0	5.12.1	3 behind	2 high	BSD-2-Clause AND BSD-3-Clause
mako pypi	Direct	1.3.10	1.3.12	2 behind	2 high	MIT
pyasn1 pypi	Direct	0.6.1	0.6.3	2 behind	2 high	BSD-2-Clause
langsmith pypi	Direct	0.1.147	0.8.9	217 behind	1 medium	MIT
transformers pypi	Direct	4.54.1	5.10.1	38 behind	1 medium	Apache-2.0
virtualenv pypi	Direct	20.32.0	21.4.2	27 behind	1 medium	MIT
filelock pypi	Direct	3.18.0	3.29.1	21 behind	2 medium	Unlicense
dspy pypi	Direct	2.6.27	3.2.1	17 behind	1 medium	MIT
marshmallow pypi	Direct	3.26.1	4.3.0	12 behind	1 medium	BSD-3-Clause AND MIT
fonttools pypi	Direct	4.59.0	4.63.0	10 behind	1 medium	Apache-2.0 AND BSD-3-Clause AND MIT AND OFL-1.1
urllib3 pypi	Direct	1.26.20	2.7.0	9 behind	1 medium	MIT
requests pypi	Direct	2.32.4	2.34.2	7 behind	1 medium	Apache-2.0
gdown pypi	Direct	5.2.0	6.1.0	5 behind	1 medium	MIT
pytest pypi	Direct	8.4.1	9.0.3	5 behind	1 medium	MIT
werkzeug pypi	Direct	3.1.3	3.1.8	5 behind	3 medium	BSD-2-Clause AND BSD-3-Clause
python-dotenv pypi	Direct	1.1.1	1.2.2	3 behind	1 medium	BSD-3-Clause
sqlparse pypi	Direct	0.5.3	0.5.5	2 behind	1 medium	BSD-2-Clause AND BSD-3-Clause
h2 pypi	Direct	4.2.0	4.3.0	1 behind	1 medium	MIT
diskcache pypi	Direct	5.6.3	5.6.3	Current	1 medium	Apache-2.0
torch pypi	Direct	2.7.1	2.12.0	Current	1 medium	Unknown
langchain-openai pypi	Direct	0.1.25	1.2.2	82 behind	1 low	MIT
cryptography pypi	Direct	43.0.3	48.0.0	22 behind	1 low	BSD-3-Clause OR Apache-2.0
flask pypi	Direct	3.1.1	3.1.3	2 behind	1 low	BSD-3-Clause
pygments pypi	Direct	2.19.2	2.20.0	1 behind	1 low	BSD-2-Clause
py pypi	Direct	1.11.0	1.11.0	Current	1 unknown	MIT

License Breakdown

MIT 142

Apache-2.0 75

Unknown 57

BSD-3-Clause 53

BSD-2-Clause AND BSD-3-Clause 47

BSD-2-Clause 12

Apache-2.0 AND MIT 11

BSD-3-Clause AND MIT 6

ISC 6

MIT AND Python-2.0 5

MPL-2.0 5

LicenseRef-scancode-generic-cla AND MIT 4

Apache-2.0 AND BSD-2-Clause 3

Apache-2.0 OR BSD-3-Clause OR (Apache-2.0 AND BSD-3-Clause) 3

Apache-2.0 AND BSD-3-Clause AND MIT 2

Apache-2.0 AND BSD-3-Clause AND MIT AND OFL-1.1 2

Apache-2.0 AND BSD-3-Clause AND MPL-2.0 2

Apache-2.0 AND LicenseRef-scancode-generic-cla 2

Apache-2.0 AND MIT AND MPL-2.0 2

CAL-1.0 AND LicenseRef-scancode-unknown AND PSF-2.0 AND Python-2.0 2

CNRI-Python AND Apache-2.0 2

MIT AND PSF-2.0 AND Python-2.0 2

PSF-2.0 2

Unlicense 2

0BSD AND Apache-2.0 AND BSD-3-Clause AND MIT 1

0BSD AND BSD-3-Clause AND LicenseRef-scancode-unknown-license-reference AND PSF-2.0 AND Python-2.0 1

Apache-2.0 AND BSD-3-Clause AND LicenseRef-scancode-unknown-license-reference 1

Apache-2.0 AND BSD-3-Clause AND MIT AND Zlib 1

Apache-2.0 AND GPL-1.0-or-later AND MIT 1

Apache-2.0 AND LicenseRef-scancode-proprietary-license 1

BSD-2-Clause AND BSD-3-Clause AND BSL-1.0 AND MIT AND Qhull 1

BSD-2-Clause AND BSD-3-Clause AND GPL-1.0-or-later 1

BSD-2-Clause AND BSD-3-Clause AND ISC AND Python-2.0 1

BSD-2-Clause AND BSD-3-Clause AND MIT 1

BSD-3-Clause AND CC0-1.0 AND ISC AND MIT 1

BSD-3-Clause AND LicenseRef-scancode-protobuf 1

BSD-3-Clause AND MIT AND SunPro 1

BSD-3-Clause OR Apache-2.0 1

GPL-3.0-only 1

LicenseRef-scancode-commercial-license AND LicenseRef-scancode-other-permissive AND MIT 1

LicenseRef-scancode-secret-labs-2011 AND MIT-CMU 1

MIT AND MPL-2.0 1

MIT AND Python-2.0 AND Python-2.0.1 1

MIT AND ZPL-2.1 1

PSF-2.0 AND Python-2.0 1

Python-2.0 AND GPL-1.0-or-later AND Python-2.0 AND BSD-3-Clause AND Python-2.0 AND BSD-3-Clause AND 0BSD 1

ZPL-2.1 1

CVE Severity

critical 5

high 23

medium 17

low 4

unknown 1