Dependency Analysis
cerbos
Direct and transitive dependency freshness, license, and CVE exposure from the latest SBOM.
84%
Freshness
836
Dependencies
101
Outdated
0
Stale
3.9
Avg Behind
Dependency List
Latest release v0.53.0
| Dependency | Type | Current | Latest | Behind | CVE | License |
|---|---|---|---|---|---|---|
|
minimatch
npm
|
Transitive | 7.4.6 | 10.2.5 | 42 behind | 3 high | ISC |
|
lodash
npm
|
Transitive | 4.17.21 | 4.18.1 | 3 behind | 3 high | CC0-1.0 AND MIT |
|
fast-uri
npm
|
Transitive | 3.1.0 | 3.1.2 | 2 behind | 2 high | BSD-3-Clause |
|
ajv
npm
|
Transitive | 8.17.1 | 8.20.0 | 4 behind | 1 medium | MIT |
|
google.golang.org/protobuf
golang
|
Direct | 1.27.1 | — | — | 1 medium | BSD-3-Clause AND LicenseRef-scancode-google-patent-license-golang |
|
github.com/jackc/pgx/v4
golang
|
Transitive | v4.18.3 | — | — | 1 low | MIT |
|
golang.org/x/net
golang
|
Direct | v0.51.0 | — | — | 1 unknown | BSD-3-Clause AND LicenseRef-scancode-google-patent-license-golang |
|
golang.org/x/net
golang
|
Direct | v0.51.0 | — | — | 1 unknown | BSD-3-Clause AND LicenseRef-scancode-google-patent-license-golang |
License Breakdown
MIT
385
Unknown
143
Apache-2.0
131
BSD-3-Clause
62
BSD-3-Clause AND LicenseRef-scancode-google-patent-license-golang
42
ISC
18
Apache-2.0 AND BSD-3-Clause
15
Apache-2.0 AND MIT
8
BSD-2-Clause
7
CC0-1.0 AND MIT
6
Apache-2.0 OR (Apache-2.0 AND LGPL-3.0-only)
3
BSD-3-Clause AND MPL-2.0
3
BSD-2-Clause AND ISC
2
BSD-3-Clause AND CC0-1.0 AND LicenseRef-scancode-public-domain AND LicenseRef-scancode-unknown-license-reference AND LicenseRef-scancode-w3c-03-bsd-license AND MIT
2
BSD-3-Clause AND MIT
2
GPL-3.0 AND GPL-3.0-only
2
LicenseRef-scancode-unknown-license-reference AND MIT
2
MPL-2.0
2
AFL-2.1 AND AFL-3.0 AND BSD-3-Clause
1
Apache-2.0 AND BSD-3-Clause AND MIT
1
Apache-2.0 AND CC-BY-3.0 AND MIT
1
Apache-2.0 AND CC-BY-SA-4.0
1
Apache-2.0 AND LicenseRef-scancode-dco-1.1 AND MIT
1
BSD-2-Clause AND BSD-3-Clause
1
BSD-3-Clause AND ISC
1
LicenseRef-scancode-public-domain AND Unlicense
1
LicenseRef-scancode-public-domain-disclaimer
1
MIT-0
1
MPL-1.1 AND MPL-2.0
1
Python-2.0
1
Unlicense
1
CVE Severity
critical
0
high
3
medium
2
low
1
unknown
2