Tools / continue / Dependencies

Dependency Analysis

continue

Direct and transitive dependency freshness, license, and CVE exposure from the latest SBOM.

Security Export CSV

40% Freshness

13295 Dependencies

6594 Outdated

0 Stale

14.6 Avg Behind

Dependency List

Latest release v1.2.22-vscode

All 13294 Outdated 8328 Has CVE 162 GPL 41

Dependency	Type	Current	Latest	Behind	CVE	License
django pypi	Direct	4.2.27	6.0.5	13 behind	13 high	BSD-3-Clause AND Python-2.0 AND LicenseRef-scancode-other-permissive AND Python-2.0 AND GPL-1.0-or-later AND Python-2.0 AND BSD-3-Clause AND Python-2.0.1
node-forge npm	Transitive	1.3.2	1.4.0	2 behind	4 high	(BSD-3-Clause AND GPL-1.0-or-later AND GPL-2.0 AND GPL-2.0-only) OR (BSD-3-Clause AND GPL-1.0-or-later AND GPL-2.0-only)
node-forge npm	Transitive	1.3.2	1.4.0	2 behind	4 high	(BSD-3-Clause AND GPL-1.0-or-later AND GPL-2.0 AND GPL-2.0-only) OR (BSD-3-Clause AND GPL-1.0-or-later AND GPL-2.0-only)
dompurify npm	Direct	3.3.3	3.4.8	9 behind	4 medium	(Apache-2.0 AND GPL-1.0-only AND MPL-2.0 AND MS-PL) OR (Apache-2.0 AND GPL-1.0-only AND MPL-2.0) OR (Apache-2.0 AND GPL-2.0-only AND MPL-2.0 AND MS-PL) OR (Apache-2.0 AND GPL-2.0-only AND MPL-2.0)
@img/sharp-libvips-linux-arm npm	Direct	1.0.5	1.2.4	21 behind	—	LGPL-3.0-or-later
@img/sharp-libvips-linux-arm npm	Direct	1.0.5	1.2.4	21 behind	—	LGPL-3.0-or-later
@img/sharp-libvips-linux-x64 npm	Direct	1.0.4	1.2.4	21 behind	—	LGPL-3.0-or-later
@img/sharp-libvips-linux-x64 npm	Direct	1.0.4	1.2.4	21 behind	—	LGPL-3.0-or-later
@img/sharp-libvips-linux-arm64 npm	Direct	1.0.4	1.2.4	20 behind	—	LGPL-3.0-or-later
@img/sharp-libvips-linux-arm64 npm	Direct	1.0.4	1.2.4	20 behind	—	LGPL-3.0-or-later
@img/sharp-libvips-darwin-arm64 npm	Direct	1.0.4	1.2.4	19 behind	—	LGPL-3.0-or-later
@img/sharp-libvips-darwin-arm64 npm	Direct	1.0.4	1.2.4	19 behind	—	LGPL-3.0-or-later
@img/sharp-libvips-darwin-x64 npm	Direct	1.0.4	1.2.4	19 behind	—	LGPL-3.0-or-later
@img/sharp-libvips-darwin-x64 npm	Direct	1.0.4	1.2.4	19 behind	—	LGPL-3.0-or-later
@img/sharp-libvips-linux-s390x npm	Direct	1.0.4	1.2.4	19 behind	—	LGPL-3.0-or-later
@img/sharp-libvips-linuxmusl-arm64 npm	Direct	1.0.4	1.2.4	19 behind	—	LGPL-3.0-or-later
@img/sharp-libvips-linuxmusl-x64 npm	Direct	1.0.4	1.2.4	19 behind	—	LGPL-3.0-or-later
@img/sharp-wasm32 npm	Direct	0.33.5	0.34.5	15 behind	—	Apache-2.0 AND LGPL-3.0-or-later AND MIT
@img/sharp-win32-ia32 npm	Direct	0.33.5	0.34.5	15 behind	—	Apache-2.0 AND LGPL-3.0-or-later
@img/sharp-win32-x64 npm	Direct	0.33.5	0.34.5	15 behind	—	Apache-2.0 AND LGPL-3.0-or-later
@img/sharp-win32-x64 npm	Direct	0.33.5	0.34.5	15 behind	—	Apache-2.0 AND LGPL-3.0-or-later
@c15t/react npm	Direct	1.8.5	2.1.0	13 behind	—	GPL-3.0-only
psycopg2 pypi	Direct	2.9.1	2.9.12	11 behind	—	LGPL-3.0-or-later WITH openvpn-openssl-exception
@c15t/backend npm	Transitive	1.8.5	2.1.0	9 behind	—	GPL-3.0-only
c15t npm	Transitive	1.8.5	2.1.0	8 behind	—	GPL-3.0-only
@c15t/logger npm	Transitive	1.0.1	2.1.0	6 behind	—	GPL-3.0-only
@c15t/translations npm	Transitive	1.8.5	2.1.0	4 behind	—	GPL-3.0-only
@opentelemetry/api npm	Transitive	1.9.0	1.9.1	1 behind	—	Apache-2.0 OR (Apache-2.0 AND LGPL-3.0-only)
@opentelemetry/api npm	Direct	1.9.0	1.9.1	1 behind	—	Apache-2.0 OR (Apache-2.0 AND LGPL-3.0-only)
@opentelemetry/api npm	Transitive	1.9.0	1.9.1	1 behind	—	Apache-2.0 OR (Apache-2.0 AND LGPL-3.0-only)
@opentelemetry/api npm	Transitive	1.9.0	1.9.1	1 behind	—	Apache-2.0 OR (Apache-2.0 AND LGPL-3.0-only)
@opentelemetry/api npm	Transitive	1.9.0	1.9.1	1 behind	—	Apache-2.0 OR (Apache-2.0 AND LGPL-3.0-only)
@opentelemetry/api npm	Transitive	1.9.0	1.9.1	1 behind	—	Apache-2.0 OR (Apache-2.0 AND LGPL-3.0-only)
com.github.stephenc.monte:monte-screen-recorder maven	Transitive	0.7.7.0	—	—	—	Apache-2.0 AND LGPL-2.1-or-later AND CC-BY-3.0
jszip npm	Direct	3.10.1	3.10.1	Current	—	GPL-3.0-only OR MIT
jszip npm	Transitive	3.10.1	3.10.1	Current	—	GPL-3.0-only OR MIT
net.java.dev.jna:jna maven	Transitive	5.14.0	—	—	—	Apache-2.0 OR LGPL-2.1-or-later
net.java.dev.jna:jna-platform maven	Transitive	5.14.0	—	—	—	Apache-2.0 OR LGPL-2.1-or-later
node-forge npm	Transitive	1.4.0	1.4.0	Current	—	BSD-3-Clause OR GPL-2.0-only
org.javadelight:delight-rhino-sandbox maven	Transitive	0.0.17	—	—	—	(Apache-2.0 AND GPL-1.0-or-later AND GPL-3.0 AND GPL-3.0-only AND MIT) OR (Apache-2.0 AND GPL-1.0-or-later AND GPL-3.0-only AND MIT)
org.jetbrains.intellij.deps:trove4j maven	Transitive	1.0.20200330	—	—	—	LGPL-2.1

License Breakdown

MIT 9269

ISC 1462

Apache-2.0 1116

BSD-3-Clause 297

Unknown 223

BSD-2-Clause 134

BlueOak-1.0.0 116

MIT OR Apache-2.0 116

CC0-1.0 AND MIT 76

BSD-2-Clause AND BSD-3-Clause 62

Apache-2.0 AND MIT 46

ISC AND MIT 42

Apache-2.0 OR MIT OR (Apache-2.0 AND MIT) 18

EPL-2.0 16

0BSD 14

LGPL-3.0-or-later 13

Python-2.0 12

Elastic-2.0 11

FSL-1.1-MIT 11

Apache-2.0 AND BSD-2-Clause 10

BSD-2-Clause AND BSD-3-Clause AND JSON 10

BSD-3-Clause AND ISC AND MIT 10

CC-BY-4.0 10

CC0-1.0 10

Apache-2.0 OR BSD-2-Clause OR MIT OR (Apache-2.0 AND BSD-2-Clause) OR (Apache-2.0 AND MIT) OR (BSD-2-Clause AND MIT) 8

MIT AND MIT-0 8

Apache-2.0 AND BSD-2-Clause AND CC0-1.0 AND ISC AND MIT 7

BSD-3-Clause AND LicenseRef-scancode-generic-cla AND MIT 7

Unlicense OR MIT 7

Apache-2.0 OR (Apache-2.0 AND LGPL-3.0-only) 6

Apache-2.0 OR MIT 6

Artistic-2.0 AND LicenseRef-scancode-unknown-license-reference 6

BSD-2-Clause AND BSD-2-Clause-Views 6

CC-BY-3.0 6

CC0-1.0 OR MIT OR (CC0-1.0 AND MIT) 6

MIT OR (CC0-1.0 AND MIT) 6

Artistic-2.0 5

GPL-3.0-only 5

0BSD AND MIT 4

BSD-2-Clause AND CC0-1.0 AND ISC AND MIT 4

BSD-2-Clause AND JSON 4

BSD-3-Clause AND LicenseRef-scancode-protobuf 4

0BSD AND ISC AND MIT 3

AFL-2.1 AND AFL-3.0 AND BSD-3-Clause 3

Apache-2.0 AND LGPL-3.0-or-later 3

Apache-2.0 WITH LLVM-exception OR Apache-2.0 OR MIT 3

BSD-3-Clause AND MIT 3

CC-BY-SA-4.0 AND ISC 3

LicenseRef-scancode-unknown-license-reference AND MIT 3

MIT AND Zlib 3

MIT OR (MIT AND WTFPL) 3

Unlicense 3

(BSD-3-Clause AND GPL-1.0-or-later AND GPL-2.0 AND GPL-2.0-only) OR (BSD-3-Clause AND GPL-1.0-or-later AND GPL-2.0-only) 2

Apache-2.0 AND BSD-3-Clause 2

Apache-2.0 AND LicenseRef-scancode-unknown-license-reference 2

Apache-2.0 OR LGPL-2.1-or-later 2

BSD-2-Clause OR Apache-2.0 OR MIT 2

GPL-3.0-only OR MIT 2

LicenseRef-scancode-free-unknown AND MIT 2

LicenseRef-scancode-unknown-license-reference AND EPL-2.0 2

MIT AND MITNFA 2

MIT AND Ruby 2

MIT-0 2

MPL-2.0 2

(Apache-2.0 AND GPL-1.0-only AND MPL-2.0 AND MS-PL) OR (Apache-2.0 AND GPL-1.0-only AND MPL-2.0) OR (Apache-2.0 AND GPL-2.0-only AND MPL-2.0 AND MS-PL) OR (Apache-2.0 AND GPL-2.0-only AND MPL-2.0) 1

(Apache-2.0 AND GPL-1.0-or-later AND GPL-3.0 AND GPL-3.0-only AND MIT) OR (Apache-2.0 AND GPL-1.0-or-later AND GPL-3.0-only AND MIT) 1

(MIT OR Apache-2.0) AND Unicode-DFS-2016 1

0BSD AND Apache-2.0 AND Artistic-2.0 AND BSD-2-Clause AND BSD-3-Clause AND CC-BY-3.0 AND CC-BY-4.0 AND CC0-1.0 AND MIT AND Unlicense 1

Apache-1.1 1

Apache-2.0 AND BSD-3-Clause AND CC0-1.0 AND ISC AND LicenseRef-scancode-unknown AND MIT 1

Apache-2.0 AND EPL-2.0 1

Apache-2.0 AND ISC 1

Apache-2.0 AND LGPL-2.1-or-later AND CC-BY-3.0 1

Apache-2.0 AND LGPL-3.0-or-later AND MIT 1

Apache-2.0 OR BSL-1.0 1

BSD-2-Clause AND BSD-3-Clause AND CC0-1.0 1

BSD-3-Clause AND Python-2.0 AND LicenseRef-scancode-other-permissive AND Python-2.0 AND GPL-1.0-or-later AND Python-2.0 AND BSD-3-Clause AND Python-2.0.1 1

BSD-3-Clause OR GPL-2.0-only 1

CC-BY-2.5 1

EPL-1.0 1

FTL AND MIT 1

ISC OR WTFPL OR (ISC AND WTFPL) 1

LGPL-2.1 1

LGPL-3.0-or-later WITH openvpn-openssl-exception 1

LicenseRef-scancode-ms-xamarin-uitest3.2.0 AND LicenseRef-scancode-unknown-license-reference 1

LicenseRef-scancode-public-domain 1

LicenseRef-scancode-unknown AND MPL-2.0 1

MIT AND MS-PL 1

MIT OR WTFPL OR (MIT AND WTFPL) 1

MIT-CMU 1

MPL-2.0 AND (MPL-2.0 AND LicenseRef-scancode-unknown-license-reference) AND BSD-3-Clause 1

PSF-2.0 1

Unicode-DFS-2016 1

WTFPL 1

xpp 1

CVE Severity

critical 16

high 80

medium 56

low 9

unknown 1