Dependency Analysis
AIOS
Direct and transitive dependency freshness, license, and CVE exposure from the latest SBOM.
50%
Freshness
48
Dependencies
7
Outdated
0
Stale
58.5
Avg Behind
Dependency List
Latest release v0.3.0
| Dependency | Type | Current | Latest | Behind | CVE | License |
|---|---|---|---|---|---|---|
|
llama-index-core
pypi
|
Direct | 0.10.19 | 0.14.22 | 199 behind | 8 critical | MIT |
|
llama-index
pypi
|
Direct | 0.10.19 | 0.14.22 | 154 behind | 6 critical | MIT |
|
pillow
pypi
|
Direct | 10.1.0 | 12.2.0 | 11 behind | 4 critical | MIT-CMU |
|
zep-cloud
pypi
|
Direct | 2.0.0 | 3.22.0 | 59 behind | — | Apache-2.0 AND Python-2.0 |
|
numpy
pypi
|
Direct | 1.24.3 | 2.4.6 | 37 behind | — | BSD-2-Clause |
|
click
pypi
|
Direct | 8.1.7 | 8.4.1 | 10 behind | — | BSD-3-Clause |
|
anyhow
cargo
|
Direct | 1.0.98 | 1.0.102 | 4 behind | — | MIT OR Apache-2.0 |
|
accelerate
|
Direct | — | — | — | — | Unknown |
|
actions/checkout
githubactions
|
Direct | 4.*.* | — | — | — | Unknown |
|
actions/setup-python
githubactions
|
Direct | 5.*.* | — | — | — | Unknown |
|
actions/upload-artifact
githubactions
|
Direct | 4.*.* | — | — | — | Unknown |
|
chromadb
|
Direct | — | — | — | — | Unknown |
|
fastapi
|
Direct | — | — | — | — | Unknown |
|
fastembed
|
Direct | — | — | — | — | Unknown |
|
flask
|
Direct | — | — | — | — | Unknown |
|
gdown
|
Direct | — | — | — | — | Unknown |
|
hypothesis
|
Direct | — | — | — | — | Unknown |
|
litellm
|
Direct | — | — | — | — | Unknown |
|
lxml
|
Direct | — | — | — | — | Unknown |
|
mem0ai
|
Direct | >= 1.0.11 | — | — | — | Unknown |
|
nltk
|
Direct | — | — | — | — | Unknown |
|
numpy
|
Direct | — | — | — | — | Unknown |
|
opentelemetry-api
|
Direct | >= 1.25.0 | — | — | — | Unknown |
|
opentelemetry-exporter-otlp-proto-grpc
|
Direct | >= 1.25.0 | — | — | — | Unknown |
|
opentelemetry-proto
|
Direct | >= 1.25.0 | — | — | — | Unknown |
|
opentelemetry-sdk
|
Direct | >= 1.25.0 | — | — | — | Unknown |
|
prompt-toolkit
|
Direct | — | — | — | — | Unknown |
|
pulp
|
Direct | — | — | — | — | Unknown |
|
pyautogui
pypi
|
Direct | 0.9.54 | 0.9.54 | Current | — | BSD-2-Clause AND BSD-3-Clause |
|
pydantic
|
Direct | >= 2.7.0 | — | — | — | Unknown |
|
pygame
|
Direct | — | — | — | — | Unknown |
|
python-dotenv
|
Direct | — | — | — | — | Unknown |
|
python3-xlib
pypi
|
Direct | 0.15 | 0.15.0 | — | — | GPL-2.0-only |
|
pywinauto
|
Direct | — | — | — | — | Unknown |
|
qdrant-client
|
Direct | — | — | — | — | Unknown |
|
redis
|
Direct | >= 4.5.1 | — | — | — | Unknown |
|
requests
|
Direct | — | — | — | — | Unknown |
|
rich
|
Direct | — | — | — | — | Unknown |
|
scikit-learn
|
Direct | — | — | — | — | Unknown |
|
sentence-transformers
|
Direct | — | — | — | — | Unknown |
|
soundfile
|
Direct | — | — | — | — | Unknown |
|
styfle/cancel-workflow-action
githubactions
|
Direct | 0.12.1 | — | — | — | Unknown |
|
transformers
|
Direct | — | — | — | — | Unknown |
|
typing-extensions
|
Direct | — | — | — | — | Unknown |
|
uvicorn
|
Direct | — | — | — | — | Unknown |
|
vllm
|
Direct | — | — | — | — | Unknown |
|
watchdog
|
Direct | >= 2.1.9 | — | — | — | Unknown |
License Breakdown
Unknown
38
MIT
2
Apache-2.0 AND Python-2.0
1
BSD-2-Clause
1
BSD-2-Clause AND BSD-3-Clause
1
BSD-3-Clause
1
GPL-2.0-only
1
MIT OR Apache-2.0
1
MIT-CMU
1
CVE Severity
critical
3
high
0
medium
0
low
0
unknown
0