Dependency Analysis
Checkov
Direct and transitive dependency freshness, license, and CVE exposure from the latest SBOM.
80%
Freshness
315
Dependencies
41
Outdated
0
Stale
2.9
Avg Behind
Dependency List
Latest release 3.2.526
| Dependency | Type | Current | Latest | Behind | CVE | License |
|---|---|---|---|---|---|---|
|
django
pypi
|
Direct | 1.2 | — | — | 44 critical | BSD-2-Clause AND BSD-3-Clause |
|
golang.org/x/crypto
golang
|
Direct | 0.0.0-20200622213623-75b288015ac9 | — | — | 10 critical | BSD-3-Clause AND LicenseRef-scancode-google-patent-license-golang |
|
google.golang.org/grpc
golang
|
Direct | 1.22.0 | — | — | 3 critical | Apache-2.0 |
|
lodash
npm
|
Direct | 3.1.0 | — | — | 5 critical | MIT |
|
log4net
nuget
|
Direct | 2.0.9 | — | — | 2 critical | Apache-2.0 |
|
urllib3
pypi
|
Direct | 1.26.20 | 2.7.0 | 9 behind | 4 high | MIT |
|
gitpython
pypi
|
Direct | 3.1.46 | 3.1.50 | 4 behind | 4 high | BSD-3-Clause |
|
orjson
pypi
|
Direct | 3.11.5 | 3.11.9 | 4 behind | 1 high | Apache-2.0 AND MIT |
|
flask
pypi
|
Direct | 0.6 | — | — | 4 high | BSD-2-Clause AND BSD-3-Clause |
|
fresh
npm
|
Transitive | 0.1.0 | — | — | 1 high | MIT |
|
github.com/dgrijalva/jwt-go
golang
|
Direct | 3.2.0+incompatible | — | — | 1 high | MIT |
|
github.com/prometheus/client_golang
golang
|
Direct | 1.0.0 | — | — | 1 high | Apache-2.0 |
|
github.com/sirupsen/logrus
golang
|
Direct | 1.4.2 | — | — | 1 high | MIT |
|
github.com/tidwall/gjson
golang
|
Direct | 1.7.4 | — | — | 1 high | MIT |
|
golang.org/x/net
golang
|
Direct | 0.0.0-20210415231046-e915ea6b2b7d | — | — | 16 high | Unknown |
|
golang.org/x/oauth2
golang
|
Direct | 0.0.0-20190604053449-0f29369cfe45 | — | — | 1 high | BSD-3-Clause |
|
mime
npm
|
Transitive | 1.2.6 | — | — | 1 high | MIT |
|
qs
npm
|
Transitive | 0.5.1 | — | — | 5 high | MIT |
|
pytest
pypi
|
Direct | 7.4.4 | 9.0.3 | 24 behind | 1 medium | MIT |
|
filelock
pypi
|
Direct | 3.19.1 | 3.29.1 | 20 behind | 2 medium | Unlicense |
|
requests
pypi
|
Direct | 2.26.0 | 2.34.2 | 20 behind | 3 medium | Apache-2.0 |
|
requests
pypi
|
Direct | 2.32.5 | 2.34.2 | 6 behind | 1 medium | Apache-2.0 |
|
connect
npm
|
Transitive | 2.6.0 | — | — | 3 medium | MIT |
|
DSInternals.Common
nuget
|
Direct | 4.7.0 | — | — | 1 medium | MIT |
|
express
npm
|
Direct | 3.0.0 | — | — | 4 medium | MIT |
|
golang.org/x/sys
golang
|
Direct | 0.0.0-20210415045647-66c3f260301c | — | — | 1 medium | Unknown |
|
gopkg.in/square/go-jose.v2
golang
|
Direct | 2.3.1 | — | — | 1 medium | Apache-2.0 |
|
jQuery
nuget
|
Direct | 3.0.0 | — | — | 2 medium | MIT |
|
k8s.io/apimachinery
golang
|
Direct | 0.18.6 | — | — | 1 medium | Apache-2.0 |
|
send
npm
|
Transitive | 0.1.0 | — | — | 3 medium | MIT |
|
TinyMCE
nuget
|
Direct | 6.3.0 | — | — | 8 medium | LicenseRef-scancode-unknown |
|
cookie
npm
|
Transitive | 0.0.4 | — | — | 1 low | MIT |
|
EnumStringValues
nuget
|
Direct | 4.0.0 | — | — | 1 low | MIT |
|
coverage
pypi
|
Direct | 7.6.1 | 7.14.1 | 42 behind | — | Apache-2.0 |
|
numpy
pypi
|
Direct | 2.0.2 | 2.4.6 | 24 behind | — | BSD-2-Clause AND BSD-3-Clause |
|
cachetools
pypi
|
Direct | 5.5.2 | 7.1.4 | 21 behind | — | MIT |
|
setuptools
pypi
|
Direct | 78.1.1 | 82.0.1 | 21 behind | — | MIT |
|
pytest-asyncio
pypi
|
Direct | 0.23.8 | 1.4.0 | 19 behind | — | Apache-2.0 |
|
s3transfer
pypi
|
Direct | 0.10.4 | 0.18.0 | 16 behind | — | Apache-2.0 |
|
importlib-metadata
pypi
|
Direct | 7.2.1 | 9.0.0 | 12 behind | — | Apache-2.0 |
|
platformdirs
pypi
|
Direct | 4.4.0 | 4.10.0 | 12 behind | — | MIT |
|
virtualenv
pypi
|
Direct | 21.2.0 | 21.4.2 | 11 behind | — | MIT |
|
pydantic
pypi
|
Direct | 2.12.5 | 2.13.4 | 10 behind | — | MIT |
|
click
pypi
|
Direct | 8.1.8 | 8.4.1 | 9 behind | — | BSD-2-Clause AND BSD-3-Clause |
|
pydantic-core
pypi
|
Direct | 2.41.5 | 2.47.0 | 9 behind | — | MIT |
|
types-cachetools
pypi
|
Direct | 5.5.0.20240820 | 7.0.0.20260518 | 8 behind | — | Apache-2.0 |
|
types-requests
pypi
|
Direct | 2.32.4.20260107 | 2.33.0.20260518 | 8 behind | — | Apache-2.0 AND MIT |
|
mypy
pypi
|
Direct | 1.19.1 | 2.1.0 | 5 behind | — | BSD-2-Clause AND MIT AND Python-2.0 AND Python-2.0.1 |
|
pytest-benchmark
pypi
|
Direct | 5.0.1 | 5.2.3 | 5 behind | — | BSD-2-Clause |
|
python-discovery
pypi
|
Direct | 1.2.1 | 1.4.0 | 5 behind | — | Unknown |
|
regex
pypi
|
Direct | 2026.1.15 | 2026.5.9 | 5 behind | — | CNRI-Python AND Apache-2.0 |
|
aiodns
pypi
|
Direct | 3.6.1 | 4.0.4 | 4 behind | — | MIT |
|
identify
pypi
|
Direct | 2.6.15 | 2.6.19 | 4 behind | — | MIT |
|
rpds-py
pypi
|
Direct | 0.27.1 | 2026.5.1 | 4 behind | — | MIT |
|
types-pyyaml
pypi
|
Direct | 6.0.12.20250915 | 6.0.12.20260518 | 4 behind | — | Apache-2.0 AND MIT |
|
librt
pypi
|
Direct | 0.8.1 | 0.11.0 | 3 behind | — | BSD-2-Clause AND MIT AND Python-2.0 AND Python-2.0.1 |
|
markdown-it-py
pypi
|
Direct | 3.0.0 | 4.2.0 | 3 behind | — | MIT |
|
schema
pypi
|
Direct | 0.7.5 | 0.7.8 | 3 behind | — | MIT |
|
time-machine
pypi
|
Direct | 2.19.0 | 3.2.0 | 3 behind | — | MIT |
|
types-tabulate
pypi
|
Direct | 0.9.0.20241207 | 0.10.0.20260508 | 3 behind | — | Apache-2.0 AND MIT |
|
asteval
pypi
|
Direct | 1.0.6 | 1.0.8 | 2 behind | — | MIT |
|
certifi
pypi
|
Direct | 2026.2.25 | 2026.5.20 | 2 behind | — | MPL-2.0 |
|
decorator
pypi
|
Direct | 5.2.1 | 5.3.1 | 2 behind | — | BSD-2-Clause AND BSD-3-Clause |
|
importlib-resources
pypi
|
Direct | 6.5.2 | 7.1.0 | 2 behind | — | Apache-2.0 |
|
iniconfig
pypi
|
Direct | 2.1.0 | 2.3.0 | 2 behind | — | MIT |
|
pathspec
pypi
|
Direct | 1.0.4 | 1.1.1 | 2 behind | — | MPL-2.0 |
|
pycares
pypi
|
Direct | 4.11.0 | 5.0.1 | 2 behind | — | MIT |
|
pytest-cov
pypi
|
Direct | 6.3.0 | 7.1.0 | 2 behind | — | MIT |
|
rich
pypi
|
Direct | 14.3.3 | 15.0.0 | 2 behind | — | MIT |
|
types-colorama
pypi
|
Direct | 0.4.15.20250801 | 0.4.15.20260508 | 2 behind | — | Apache-2.0 |
|
yarl
pypi
|
Direct | 1.22.0 | 1.24.2 | 2 behind | — | Apache-2.0 |
|
zipp
pypi
|
Direct | 3.23.0 | 4.1.0 | 2 behind | — | MIT |
|
aiohappyeyeballs
pypi
|
Direct | 2.6.1 | 2.6.2 | 1 behind | — | 0BSD AND BSD-3-Clause AND LicenseRef-scancode-unknown-license-reference AND PSF-2.0 AND Python-2.0 |
|
aiohttp
pypi
|
Direct | 3.13.5 | 3.14.0 | 1 behind | — | Apache-2.0 AND MIT |
|
botocore-stubs
pypi
|
Direct | 1.42.41 | 1.43.14 | 1 behind | — | Unknown |
|
cfgv
pypi
|
Direct | 3.4.0 | 3.5.0 | 1 behind | — | MIT |
|
distlib
pypi
|
Direct | 0.4.0 | 0.4.1 | 1 behind | — | PSF-2.0 AND Python-2.0 |
|
jsonschema
pypi
|
Direct | 4.25.1 | 4.26.0 | 1 behind | — | MIT |
|
ms
npm
|
Transitive | 2.1.2 | 2.1.3 | 1 behind | — | MIT |
|
pause
npm
|
Transitive | 0.0.1 | 0.1.0 | 1 behind | — | MIT |
|
prettytable
pypi
|
Direct | 3.16.0 | 3.17.0 | 1 behind | — | BSD-3-Clause |
|
propcache
pypi
|
Direct | 0.4.1 | 0.5.2 | 1 behind | — | Apache-2.0 |
|
referencing
pypi
|
Direct | 0.36.2 | 0.37.0 | 1 behind | — | MIT |
|
responses
pypi
|
Direct | 0.26.0 | 0.26.1 | 1 behind | — | Apache-2.0 |
|
smmap
pypi
|
Direct | 5.0.3 | 6.0.0 | 1 behind | — | BSD-3-Clause |
|
soupsieve
pypi
|
Direct | 2.8.3 | 2.8.4 | 1 behind | — | MIT |
|
tabulate
pypi
|
Direct | 0.9.0 | 0.10.0 | 1 behind | — | MIT |
|
types-awscrt
pypi
|
Direct | 0.31.3 | 0.33.0 | 1 behind | — | Unknown |
|
wcwidth
pypi
|
Direct | 0.6.0 | 0.7.0 | 1 behind | — | MIT AND HPND-Markus-Kuhn |
|
actions/checkout
githubactions
|
Direct | 11bd71901bbe5b1630ceea73d27597364c9af683 | — | — | — | Unknown |
|
actions/configure-pages
githubactions
|
Direct | 983d7736d9b0ae728b81ab479565c72886d7745b | — | — | — | Unknown |
|
actions/deploy-pages
githubactions
|
Direct | d6db90164ac5ed86f2b6aed7e0febac5b3c0c03e | — | — | — | Unknown |
|
actions/jekyll-build-pages
githubactions
|
Direct | 44a6e6beabd48582f863aeeb6cb2151cc1716697 | — | — | — | Unknown |
|
actions/setup-node
githubactions
|
Direct | cdca7365b2dadb8aad0a33bc7601856ffabcc48e | — | — | — | Unknown |
|
actions/setup-python
githubactions
|
Direct | 39cd14951b08e74b54015e9e001cdefcf80e669f | — | — | — | Unknown |
|
actions/upload-pages-artifact
githubactions
|
Direct | 0252fc4ba7626f0298f0cf00902a25c6afc77fa8 | — | — | — | Unknown |
|
actions/upload-release-asset
githubactions
|
Direct | 1.*.* | — | — | — | Unknown |
|
aiodns
|
Direct | < 4.0.0,>= 3.0.0 | — | — | — | Unknown |
|
aiohttp
|
Direct | < 4.0.0,>= 3.8.0 | — | — | — | Unknown |
|
aiomultiprocess
pypi
|
Direct | 0.9.1 | — | — | — | MIT |
|
aiomultiprocess
|
Direct | >= 0.9.0,< 0.10.0 | — | — | — | Unknown |
|
aioresponses
pypi
|
Direct | 0.7.8 | 0.7.8 | Current | — | MIT |
|
aiosignal
pypi
|
Direct | 1.4.0 | 1.4.0 | Current | — | Apache-2.0 |
|
annotated-types
pypi
|
Direct | 0.7.0 | 0.7.0 | Current | — | MIT |
|
argcomplete
pypi
|
Direct | 3.6.3 | 3.6.3 | Current | — | Apache-2.0 |
|
argcomplete
|
Direct | < 4.0.0,>= 3.0.0 | — | — | — | Unknown |
|
async-timeout
pypi
|
Direct | 5.0.1 | 5.0.1 | Current | — | Apache-2.0 |
|
attrs
pypi
|
Direct | 26.1.0 | 26.1.0 | Current | — | MIT |
|
AWSSDK.S3
nuget
|
Direct | 3.7.101.28 | — | — | — | Apache-2.0 |
|
azure/setup-helm
githubactions
|
Direct | 5119fcb9089d432beecbf79bb2c7915207344b78 | — | — | — | Unknown |
|
bandit
pypi
|
Direct | 1.8.6 | — | — | — | Apache-2.0 |
|
bc-detect-secrets
pypi
|
Direct | 1.5.47 | — | — | — | Unknown |
|
bc-jsonpath-ng
pypi
|
Direct | 1.6.1 | — | — | — | Apache-2.0 |
|
bc-python-hcl2
pypi
|
Direct | 0.4.3 | — | — | — | MIT |
|
beartype
pypi
|
Direct | 0.22.2 | — | — | — | MIT |
|
beautifulsoup4
pypi
|
Direct | 4.14.3 | 4.14.3 | Current | — | MIT |
|
boolean-py
pypi
|
Direct | 5.0 | 5.0.0 | — | — | Unknown |
|
boto3
pypi
|
Direct | 1.35.49 | — | — | — | Apache-2.0 |
|
boto3-stubs-lite
pypi
|
Direct | 1.42.83 | — | — | — | Unknown |
|
botocore
pypi
|
Direct | 1.35.99 | — | — | — | Apache-2.0 AND MIT AND MPL-2.0 |
|
bridgecrewio/checkov-action
githubactions
|
Direct | master | — | — | — | Unknown |
|
bridgecrewio/gha-reusable-workflows/.github/workflows/mypy.yaml
githubactions
|
Direct | main | — | — | — | Unknown |
|
bridgecrewio/gha-reusable-workflows/.github/workflows/pre-commit.yaml
githubactions
|
Direct | main | — | — | — | Unknown |
|
bridgecrewio/gha-reusable-workflows/.github/workflows/publish-image.yaml
githubactions
|
Direct | main | — | — | — | Unknown |
|
bytes
npm
|
Transitive | 0.1.0 | — | — | — | MIT |
|
cached-property
pypi
|
Direct | 2.0.1 | 2.0.1 | Current | — | BSD-2-Clause AND BSD-3-Clause |
|
cachetools
|
Direct | >= 5.2.0,< 6.0.0 | — | — | — | Unknown |
|
cffi
pypi
|
Direct | 2.0.0 | 2.0.0 | Current | — | MIT-0 |
|
charset-normalizer
pypi
|
Direct | 3.4.7 | 3.4.7 | Current | — | MIT |
|
charset-normalizer
|
Direct | < 4.0.0,>= 3.1.0 | — | — | — | Unknown |
|
checkov
pypi
|
Direct | 3.2.526 | — | — | — | Unknown |
|
click
|
Direct | < 9.0.0,>= 8.1.0 | — | — | — | Unknown |
|
click-option-group
pypi
|
Direct | 0.5.9 | 0.5.9 | Current | — | BSD-2-Clause AND BSD-3-Clause |
|
cloudsplaining
pypi
|
Direct | 0.7.0 | — | — | — | BSD-3-Clause AND MIT |
|
cloudsplaining
|
Direct | < 0.8.0,>= 0.7.0 | — | — | — | Unknown |
|
colorama
pypi
|
Direct | 0.4.6 | 0.4.6 | Current | — | BSD-2-Clause AND BSD-3-Clause |
|
colorama
|
Direct | >= 0.4.3,< 0.5.0 | — | — | — | Unknown |
|
commander
npm
|
Transitive | 0.6.1 | — | — | — | MIT |
|
configargparse
pypi
|
Direct | 1.7.5 | 1.7.5 | Current | — | Unknown |
|
configargparse
|
Direct | >= 1.5.3,< 2.0.0 | — | — | — | Unknown |
|
contextlib2
pypi
|
Direct | 21.6.0 | 21.6.0 | Current | — | Apache-2.0 AND GPL-1.0-or-later AND LicenseRef-scancode-other-copyleft AND PSF-2.0 AND Python-2.0 |
|
coverage-badge
pypi
|
Direct | 1.1.2 | — | — | — | MIT |
|
crazy-max/ghaction-import-gpg
githubactions
|
Direct | e89d40939c28e39f97cf32126055eeae86ba74ec | — | — | — | Unknown |
|
crc
npm
|
Transitive | 0.2.0 | — | — | — | MIT |
|
cyclonedx-python-lib
pypi
|
Direct | 7.6.2 | — | — | — | Apache-2.0 |
|
cyclonedx-python-lib
|
Direct | < 8.0.0,>= 6.0.0 | — | — | — | Unknown |
|
debug
npm
|
Transitive | 4.3.3 | — | — | — | MIT |
|
defusedxml
pypi
|
Direct | 0.7.1 | 0.7.1 | Current | — | PSF-2.0 |
|
dlint
pypi
|
Direct | 0.16.0 | — | — | — | Unknown |
|
docker
pypi
|
Direct | 7.1.0 | 7.1.0 | Current | — | Apache-2.0 |
|
docker
|
Direct | >= 6.0.1,< 8.0.0 | — | — | — | Unknown |
|
dockerfile-parse
pypi
|
Direct | 2.0.1 | 2.0.1 | Current | — | BSD-2-Clause AND BSD-3-Clause |
|
dockerfile-parse
|
Direct | < 3.0.0,>= 2.0.0 | — | — | — | Unknown |
|
dpath
pypi
|
Direct | 2.1.3 | — | — | — | MIT |
|
edplato/trufflehog-actions-scan
githubactions
|
Direct | 0af17d9dd1410283f740eb76b0b8f6b696cadefc | — | — | — | Unknown |
|
exceptiongroup
pypi
|
Direct | 1.3.1 | 1.3.1 | Current | — | MIT AND Python-2.0 |
|
execnet
pypi
|
Direct | 2.1.2 | 2.1.2 | Current | — | MIT |
|
flake8
pypi
|
Direct | 7.3.0 | 7.3.0 | Current | — | MIT |
|
flake8-bugbear
pypi
|
Direct | 24.12.12 | — | — | — | MIT |
|
formidable
npm
|
Transitive | 1.0.11 | — | — | — | MIT |
|
frozenlist
pypi
|
Direct | 1.8.0 | 1.8.0 | Current | — | Apache-2.0 |
|
gitdb
pypi
|
Direct | 4.0.12 | 4.0.12 | Current | — | BSD-2-Clause AND BSD-3-Clause AND GPL-1.0-or-later |
|
github-pages
|
Direct | >= 0 | — | — | — | Unknown |
|
github.com/abbot/go-http-auth
golang
|
Direct | 0.4.0 | — | — | — | Apache-2.0 |
|
github.com/aryszka/jobqueue
golang
|
Direct | 0.0.2 | — | — | — | Unknown |
|
github.com/cenkalti/backoff
golang
|
Direct | 2.2.1+incompatible | — | — | — | MIT |
|
github.com/cjoudrey/gluahttp
golang
|
Direct | 0.0.0-20190104103309-101c19a37344 | — | — | — | MIT |
|
github.com/cjoudrey/gluaurl
golang
|
Direct | 0.0.0-20161028222611-31cbb9bef199 | — | — | — | MIT |
|
github.com/codahale/hdrhistogram
golang
|
Direct | 0.0.0-20161010025455-3a0bb77429bd | — | — | — | MIT |
|
github.com/coreos/go-oidc
golang
|
Direct | 2.0.0+incompatible | — | — | — | Apache-2.0 |
|
github.com/dimfeld/httppath
golang
|
Direct | 0.0.0-20170720192232-ee938bf73598 | — | — | — | BSD-3-Clause |
|
github.com/felixge/httpsnoop
golang
|
Direct | 1.0.0 | — | — | — | MIT |
|
github.com/ghodss/yaml
golang
|
Direct | 1.0.0 | — | — | — | BSD-3-Clause AND MIT |
|
github.com/go-redis/redis/v8
golang
|
Direct | 8.3.3 | — | — | — | BSD-2-Clause |
|
github.com/google/go-cmp
golang
|
Direct | 0.5.2 | — | — | — | BSD-3-Clause |
|
github.com/hashicorp/memberlist
golang
|
Direct | 0.1.4 | — | — | — | MPL-2.0 |
|
github.com/instana/go-sensor
golang
|
Direct | 1.4.16 | — | — | — | MIT |
|
github.com/lightstep/lightstep-tracer-go
golang
|
Direct | 0.24.1-0.20210318180546-a67254760a58 | — | — | — | MIT |
|
github.com/looplab/fsm
golang
|
Direct | 0.1.0 | — | — | — | Apache-2.0 |
|
github.com/miekg/dns
golang
|
Direct | 1.1.41 | — | — | — | BSD-3-Clause |
|
github.com/oklog/ulid
golang
|
Direct | 1.3.1 | — | — | — | Apache-2.0 |
|
github.com/opentracing/basictracer-go
golang
|
Direct | 1.0.0 | — | — | — | MIT |
|
github.com/opentracing/opentracing-go
golang
|
Direct | 1.1.0 | — | — | — | Apache-2.0 |
|
github.com/pkg/errors
golang
|
Direct | 0.8.1 | — | — | — | BSD-2-Clause |
|
github.com/pquerna/cachecontrol
golang
|
Direct | 0.0.0-20180517163645-1555304b9b35 | — | — | — | Apache-2.0 |
|
github.com/rcrowley/go-metrics
golang
|
Direct | 0.0.0-20181016184325-3113b8401b8a | — | — | — | BSD-2-Clause-Views |
|
github.com/sanity-io/litter
golang
|
Direct | 1.1.0 | — | — | — | MIT |
|
github.com/sarslanhan/cronmask
golang
|
Direct | 0.0.0-20190709075623-766eca24d011 | — | — | — | Apache-2.0 |
|
github.com/shirou/gopsutil
golang
|
Direct | 3.21.2+incompatible | — | — | — | BSD-3-Clause |
|
github.com/sony/gobreaker
golang
|
Direct | 0.4.1 | — | — | — | MIT |
|
github.com/stretchr/testify
golang
|
Direct | 1.6.1 | — | — | — | MIT |
|
github.com/szuecs/rate-limit-buffer
golang
|
Direct | 0.7.1 | — | — | — | Apache-2.0 |
|
github.com/szuecs/routegroup-client
golang
|
Direct | 0.17.7 | — | — | — | Apache-2.0 |
|
github.com/tklauser/go-sysconf
golang
|
Direct | 0.3.5 | — | — | — | BSD-3-Clause |
|
github.com/uber-go/atomic
golang
|
Direct | 1.4.0 | — | — | — | MIT |
|
github.com/uber/jaeger-client-go
golang
|
Direct | 2.16.0+incompatible | — | — | — | Apache-2.0 |
|
github.com/uber/jaeger-lib
golang
|
Direct | 2.0.0+incompatible | — | — | — | Apache-2.0 |
|
github.com/yookoala/gofast
golang
|
Direct | 0.6.0 | — | — | — | BSD-3-Clause |
|
github.com/yuin/gopher-lua
golang
|
Direct | 0.0.0-20200603152657-dc2b0ca8b37e | — | — | — | MIT |
|
github/codeql-action/analyze
githubactions
|
Direct | 45775bd8235c68ba998cffa5171334d58593da47 | — | — | — | Unknown |
|
github/codeql-action/autobuild
githubactions
|
Direct | 45775bd8235c68ba998cffa5171334d58593da47 | — | — | — | Unknown |
|
github/codeql-action/init
githubactions
|
Direct | 45775bd8235c68ba998cffa5171334d58593da47 | — | — | — | Unknown |
|
gitpython
|
Direct | >= 3.1.30,< 4.0.0 | — | — | — | Unknown |
|
go.uber.org/atomic
golang
|
Direct | 1.4.0 | — | — | — | MIT |
|
golang.org/x/sync
golang
|
Direct | 0.0.0-20210220032951-036812b2e83c | — | — | — | BSD-3-Clause AND LicenseRef-scancode-google-patent-license-golang |
|
golang.org/x/tools
golang
|
Direct | 0.1.0 | — | — | — | BSD-3-Clause AND LicenseRef-scancode-google-patent-license-golang |
|
gopkg.in/alecthomas/kingpin.v2
golang
|
Direct | 2.2.6 | — | — | — | MIT |
|
gopkg.in/yaml.v2
golang
|
Direct | 2.4.0 | — | — | — | Apache-2.0 |
|
idna
pypi
|
Direct | 3.11 | 3.18.0 | — | — | BSD-3-Clause |
|
importlib-metadata
|
Direct | >= 6.0.0,< 8.0.0 | — | — | — | Unknown |
|
imranismail/setup-kustomize
githubactions
|
Direct | a76db1c6419124d51470b1e388c4b29476f495f1 | — | — | — | Unknown |
|
isodate
pypi
|
Direct | 0.7.2 | 0.7.2 | Current | — | MIT |
|
jekyll-feed
|
Direct | ~> 0.11 | — | — | — | Unknown |
|
jekyll-get-json
|
Direct | ~> 1.0 | — | — | — | Unknown |
|
jekyll-redirect-from
|
Direct | >= 0 | — | — | — | Unknown |
|
jekyll-remote-theme
|
Direct | >= 0 | — | — | — | Unknown |
|
jinja2
pypi
|
Direct | 3.1.6 | 3.1.6 | Current | — | BSD-2-Clause AND BSD-3-Clause |
|
jmespath
pypi
|
Direct | 1.1.0 | 1.1.0 | Current | — | MIT |
|
jmespath
|
Direct | >= 1.0.0,< 2.0.0 | — | — | — | Unknown |
|
jpetrucciani/bandit-check
githubactions
|
Direct | 74c5ecc4297e374c7e9283bc81f649287bb14f34 | — | — | — | Unknown |
|
jsonschema
|
Direct | < 5.0.0,>= 4.17.0 | — | — | — | Unknown |
|
jsonschema-specifications
pypi
|
Direct | 2025.9.1 | 2025.9.1 | Current | — | MIT |
|
junit-xml
pypi
|
Direct | 1.9 | 1.9.0 | — | — | MIT |
|
junit-xml
|
Direct | >= 1.9,< 2.0 | — | — | — | Unknown |
|
k8s.io/api
golang
|
Direct | 0.18.6 | — | — | — | Apache-2.0 |
|
lark
pypi
|
Direct | 1.3.1 | 1.3.1 | Current | — | MIT AND MPL-2.0 |
|
layeh.com/gopher-json
golang
|
Direct | 0.0.0-20190114024228-97fed8db8427 | — | — | — | Unlicense |
|
license-expression
pypi
|
Direct | 30.4.4 | 30.4.4 | Current | — | Apache-2.0 |
|
license-expression
|
Direct | < 31.0.0,>= 30.1.0 | — | — | — | Unknown |
|
markdown
pypi
|
Direct | 3.9 | 3.10.2 | — | — | BSD-3-Clause |
|
markupsafe
pypi
|
Direct | 3.0.3 | 3.0.3 | Current | — | BSD-3-Clause |
|
mccabe
pypi
|
Direct | 0.7.0 | 0.7.0 | Current | — | MIT |
|
mdurl
pypi
|
Direct | 0.1.2 | 0.1.2 | Current | — | MIT |
|
methods
npm
|
Transitive | 0.0.1 | — | — | — | MIT |
|
mikepenz/release-changelog-builder-action
githubactions
|
Direct | 5f3409748e2230350e149a7f7b5b8e9bcd785d44 | — | — | — | Unknown |
|
mkdirp
npm
|
Transitive | 0.3.3 | — | — | — | MIT |
|
multidict
pypi
|
Direct | 6.7.1 | 6.7.1 | Current | — | Apache-2.0 |
|
mypy-boto3-s3
pypi
|
Direct | 1.42.80 | — | — | — | Unknown |
|
mypy-extensions
pypi
|
Direct | 1.1.0 | 1.1.0 | Current | — | MIT |
|
networkx
pypi
|
Direct | 2.6.3 | — | — | — | BSD-3-Clause |
|
networkx
|
Direct | < 2.7 | — | — | — | Unknown |
|
Newtonsoft.Json
nuget
|
Direct | 13.0.1 | — | — | — | MIT |
|
nodeenv
pypi
|
Direct | 1.10.0 | 1.10.0 | Current | — | BSD-2-Clause AND BSD-3-Clause |
|
packageurl-python
pypi
|
Direct | 0.13.4 | — | — | — | MIT |
|
packageurl-python
|
Direct | < 0.14.0,>= 0.11.1 | — | — | — | Unknown |
|
packaging
pypi
|
Direct | 23.2 | 26.2.0 | — | — | Apache-2.0 AND BSD-2-Clause |
|
packaging
|
Direct | >= 23.0,< 24.0 | — | — | — | Unknown |
|
parameterized
pypi
|
Direct | 0.9.0 | 0.9.0 | Current | — | BSD-2-Clause-FreeBSD AND BSD-2-Clause-Views |
|
peter-evans/create-pull-request
githubactions
|
Direct | 271a8d0340265f705b14b6d32b9829c1cb33d45e | — | — | — | Unknown |
|
platformdirs
|
Direct | >= 4.0.0,< 5.0.0 | — | — | — | Unknown |
|
pluggy
pypi
|
Direct | 1.6.0 | 1.6.0 | Current | — | MIT |
|
ply
pypi
|
Direct | 3.11 | 3.11.0 | — | — | BSD-3-Clause |
|
policy-sentry
pypi
|
Direct | 0.13.2 | — | — | — | MIT |
|
pre-commit
pypi
|
Direct | 4.3.0 | — | — | — | MIT |
|
prettytable
|
Direct | < 4.0.0,>= 3.6.0 | — | — | — | Unknown |
|
py-cpuinfo
pypi
|
Direct | 9.0.0 | 9.0.0 | Current | — | MIT |
|
py-serializable
pypi
|
Direct | 1.1.2 | — | — | — | Apache-2.0 |
|
pycep-parser
pypi
|
Direct | 0.5.1 | — | — | — | Apache-2.0 |
|
pycodestyle
pypi
|
Direct | 2.14.0 | 2.14.0 | Current | — | MIT |
|
pycparser
pypi
|
Direct | 2.23 | 3.0.0 | — | — | BSD-3-Clause |
|
pydantic
|
Direct | < 3.0.0,>= 2.0.0 | — | — | — | Unknown |
|
pyflakes
pypi
|
Direct | 3.4.0 | 3.4.0 | Current | — | MIT |
|
pygments
pypi
|
Direct | 2.20.0 | 2.20.0 | Current | — | BSD-2-Clause |
|
pypa/gh-action-pypi-publish
githubactions
|
Direct | 76f52bc884231f62b9a034ebfe128415bbaabdfc | — | — | — | Unknown |
|
pyparsing
pypi
|
Direct | 3.3.2 | 3.3.2 | Current | — | MIT AND Python-2.0 |
|
pyston
pypi
|
Direct | 2.3.5 | — | — | — | Unknown |
|
pyston-autoload
pypi
|
Direct | 2.3.5 | — | — | — | Unknown |
|
pytest-mock
pypi
|
Direct | 3.15.1 | 3.15.1 | Current | — | MIT |
|
pytest-xdist
pypi
|
Direct | 3.8.0 | 3.8.0 | Current | — | MIT |
|
python-dateutil
pypi
|
Direct | 2.9.0.post0 | 2.9.0.post0 | Current | — | Apache-2.0 AND BSD-3-Clause AND LicenseRef-scancode-unknown-license-reference |
|
pyyaml
pypi
|
Direct | 6.0.3 | 6.0.3 | Current | — | MIT |
|
pyyaml
|
Direct | < 7.0.0,>= 6.0.0 | — | — | — | Unknown |
|
range-parser
npm
|
Transitive | 0.0.4 | — | — | — | MIT |
|
rdflib
pypi
|
Direct | 7.6.0 | — | — | — | Unknown |
|
requests
|
Direct | < 3.0.0,>= 2.28.0 | — | — | — | Unknown |
|
rustworkx
pypi
|
Direct | 0.17.1 | — | — | — | Apache-2.0 |
|
rustworkx
|
Direct | >= 0.13.0,< 1.0.0 | — | — | — | Unknown |
|
schema
|
Direct | <= 0.7.5 | — | — | — | Unknown |
|
semantic-version
pypi
|
Direct | 2.10.0 | 2.10.0 | Current | — | BSD-2-Clause |
|
send
npm
|
Transitive | 0.0.4 | — | — | — | MIT |
|
SendGrid
nuget
|
Direct | 9.28.1 | — | — | — | MIT |
|
six
pypi
|
Direct | 1.17.0 | 1.17.0 | Current | — | MIT |
|
softprops/action-gh-release
githubactions
|
Direct | da05d552573ad5aba039eaac05058a918a7bf631 | — | — | — | Unknown |
|
sortedcontainers
pypi
|
Direct | 2.4.0 | 2.4.0 | Current | — | Apache-2.0 |
|
spdx-tools
pypi
|
Direct | 0.8.3 | — | — | — | Apache-2.0 |
|
spdx-tools
|
Direct | >= 0.8.0,< 0.9.0 | — | — | — | Unknown |
|
stefanzweifel/changelog-updater-action
githubactions
|
Direct | a938690fad7edf25368f37e43a1ed1b34303eb36 | — | — | — | Unknown |
|
stefanzweifel/git-auto-commit-action
githubactions
|
Direct | b863ae1933cb653a53c021fe36dbb774e1fb9403 | — | — | — | Unknown |
|
stevedore
pypi
|
Direct | 5.5.0 | — | — | — | Apache-2.0 |
|
tabulate
|
Direct | >= 0.9.0,< 0.10.0 | — | — | — | Unknown |
|
termcolor
pypi
|
Direct | 2.3.0 | — | — | — | MIT |
|
termcolor
|
Direct | >= 1.1.0,< 2.4.0 | — | — | — | Unknown |
|
thehanimo/pr-title-checker
githubactions
|
Direct | 7fbfe05602bdd86f926d3fb3bccb6f3aed43bc70 | — | — | — | Unknown |
|
tj-actions/changed-files
githubactions
|
Direct | ed68ef82c095e0d48ec87eccea555d944a631a4c | — | — | — | Unknown |
|
tj-actions/verify-changed-files
githubactions
|
Direct | a1c6acee9df209257a246f2cc6ae8cb6581c1edf | — | — | — | Unknown |
|
tomli
pypi
|
Direct | 2.4.1 | 2.4.1 | Current | — | MIT |
|
tqdm
pypi
|
Direct | 4.67.3 | 4.67.3 | Current | — | MIT AND MPL-2.0 |
|
tqdm
|
Direct | < 5.0.0,>= 4.65.0 | — | — | — | Unknown |
|
types-jmespath
pypi
|
Direct | 1.1.0.20260124 | — | — | — | Unknown |
|
types-jsonschema
pypi
|
Direct | 4.26.0.20260202 | — | — | — | Unknown |
|
types-s3transfer
pypi
|
Direct | 0.16.0 | 0.16.0 | Current | — | MIT |
|
types-tqdm
pypi
|
Direct | 4.67.3.20260205 | — | — | — | Unknown |
|
types-urllib3
pypi
|
Direct | 1.26.25.14 | 1.26.25.14 | Current | — | Apache-2.0 |
|
typing-extensions
pypi
|
Direct | 4.15.0 | 4.15.0 | Current | — | Python-2.0 AND GPL-1.0-or-later AND Python-2.0 AND BSD-3-Clause AND Python-2.0 AND BSD-3-Clause AND 0BSD |
|
typing-extensions
|
Direct | < 5.0.0,>= 4.5.0 | — | — | — | Unknown |
|
typing-inspection
pypi
|
Direct | 0.4.2 | 0.4.2 | Current | — | MIT |
|
tzinfo
|
Direct | ~> 1.2 | — | — | — | Unknown |
|
tzinfo-data
|
Direct | >= 0 | — | — | — | Unknown |
|
unidiff
pypi
|
Direct | 0.7.5 | 0.7.5 | Current | — | MIT |
|
uritools
pypi
|
Direct | 5.0.0 | — | — | — | MIT |
|
urllib3
|
Direct | >= 1.26.20 | — | — | — | Unknown |
|
urllib3-mock
pypi
|
Direct | 0.3.3 | — | — | — | Apache-2.0 |
|
wdm
|
Direct | ~> 0.1.1 | — | — | — | Unknown |
|
xmltodict
pypi
|
Direct | 1.0.4 | 1.0.4 | Current | — | MIT |
|
yarl
|
Direct | < 2.0.0,>= 1.9.1 | — | — | — | Unknown |
License Breakdown
MIT
105
Unknown
92
Apache-2.0
50
BSD-3-Clause
16
BSD-2-Clause AND BSD-3-Clause
11
Apache-2.0 AND MIT
5
BSD-2-Clause
5
BSD-3-Clause AND LicenseRef-scancode-google-patent-license-golang
3
MPL-2.0
3
BSD-2-Clause AND MIT AND Python-2.0 AND Python-2.0.1
2
BSD-3-Clause AND MIT
2
MIT AND MPL-2.0
2
MIT AND Python-2.0
2
Unlicense
2
0BSD AND BSD-3-Clause AND LicenseRef-scancode-unknown-license-reference AND PSF-2.0 AND Python-2.0
1
Apache-2.0 AND BSD-2-Clause
1
Apache-2.0 AND BSD-3-Clause AND LicenseRef-scancode-unknown-license-reference
1
Apache-2.0 AND GPL-1.0-or-later AND LicenseRef-scancode-other-copyleft AND PSF-2.0 AND Python-2.0
1
Apache-2.0 AND MIT AND MPL-2.0
1
BSD-2-Clause AND BSD-3-Clause AND GPL-1.0-or-later
1
BSD-2-Clause-FreeBSD AND BSD-2-Clause-Views
1
BSD-2-Clause-Views
1
CNRI-Python AND Apache-2.0
1
LicenseRef-scancode-unknown
1
MIT AND HPND-Markus-Kuhn
1
MIT-0
1
PSF-2.0
1
PSF-2.0 AND Python-2.0
1
Python-2.0 AND GPL-1.0-or-later AND Python-2.0 AND BSD-3-Clause AND Python-2.0 AND BSD-3-Clause AND 0BSD
1
CVE Severity
critical
5
high
13
medium
13
low
2
unknown
0