Skip to content
Tools / dawarich / Dependencies

Dependency Analysis

dawarich

Direct and transitive dependency freshness, license, and CVE exposure from the latest SBOM.

Security Export CSV
96% Freshness
313 Dependencies
9 Outdated
0 Stale
23.1 Avg Behind

Dependency List

Latest release 1.7.5

All 312 Outdated 14 Has CVE 14 GPL 8
Dependency Type Current Latest Behind CVE License
activestorage
gem
 Direct 8.0.3 5 high MIT
addressable
gem
 Direct 2.8.7 1 high Apache-2.0
httparty
gem
 Direct 0.23.1 1 high MIT
json
gem
 Direct 2.19.1 1 high Ruby
net-imap
gem
 Direct 0.5.12 5 high BSD-2-Clause AND LicenseRef-scancode-ietf AND LicenseRef-scancode-ietf-trust AND MIT AND Ruby
postcss
npm
 Direct 8.5.3 8.5.15 12 behind 1 medium MIT
dompurify
npm
 Transitive 3.3.2 3.4.8 10 behind 4 medium (Apache-2.0 AND GPL-1.0-only AND MPL-2.0 AND MS-PL) OR (Apache-2.0 AND GPL-1.0-only AND MPL-2.0) OR (Apache-2.0 AND GPL-2.0-only AND MPL-2.0 AND MS-PL) OR (Apache-2.0 AND GPL-2.0-only AND MPL-2.0)
protocol-buffers-schema
npm
 Transitive 3.6.0 3.6.1 1 behind 1 medium MIT
activesupport
gem
 Direct 8.0.3 3 medium MIT
aws-sdk-s3
gem
 Direct 1.177.0 1 medium Apache-2.0
bcrypt
gem
 Direct 3.1.20 1 medium MIT
devise
gem
 Direct 4.9.4 2 medium MIT
trix
npm
 Direct 2.1.16 2 medium MIT
actionview
gem
 Direct 8.0.3 1 low MIT

License Breakdown

MIT 179
Unknown 25
Apache-2.0 17
ISC 11
BSD-2-Clause OR (BSD-2-Clause AND Ruby) 10
BSD-2-Clause OR Ruby OR (BSD-2-Clause AND Ruby) 9
MIT OR Apache-2.0 9
BSD-3-Clause 8
(BSD-2-Clause AND MIT AND Ruby) OR (BSD-2-Clause AND MIT) 5
BSD-2-Clause 4
LicenseRef-scancode-unknown-license-reference AND MIT 4
MIT AND Ruby 2
Ruby 2
(Apache-2.0 AND BSD-2-Clause AND MIT AND Ruby) OR (BSD-2-Clause AND GPL-2.0-only AND MIT AND Ruby) 1
(Apache-2.0 AND GPL-1.0-only AND MPL-2.0 AND MS-PL) OR (Apache-2.0 AND GPL-1.0-only AND MPL-2.0) OR (Apache-2.0 AND GPL-2.0-only AND MPL-2.0 AND MS-PL) OR (Apache-2.0 AND GPL-2.0-only AND MPL-2.0) 1
(Artistic-1.0-Perl AND Artistic-2.0 AND GPL-1.0-or-later AND GPL-2.0-only AND GPL-2.0-or-later AND MIT) OR (Artistic-2.0 AND GPL-1.0-or-later AND GPL-2.0-only AND GPL-2.0-or-later AND MIT) 1
(Artistic-1.0-Perl AND BSD-3-Clause AND LicenseRef-scancode-unknown-license-reference AND MIT AND OFL-1.1 AND Ruby) OR (BSD-3-Clause AND GPL-1.0-or-later AND LicenseRef-scancode-unknown-license-reference AND MIT AND OFL-1.1 AND Ruby) 1
(BSD-2-Clause AND BSD-3-Clause AND Ruby) OR (BSD-2-Clause AND BSD-3-Clause) 1
(BSD-2-Clause AND PostgreSQL AND Ruby) OR (BSD-2-Clause AND PostgreSQL) 1
(LGPL-3.0 AND LGPL-3.0-only AND LicenseRef-scancode-unknown-license-reference) OR (LGPL-3.0 AND LicenseRef-scancode-commercial-license AND LicenseRef-scancode-unknown-license-reference) 1
Apache-2.0 AND CC-BY-SA-2.5 AND CC-BY-SA-3.0 AND CC-BY-SA-4.0 AND MIT 1
Apache-2.0 AND MIT 1
Apache-2.0 OR MIT OR (Apache-2.0 AND MIT) 1
BSD-2-Clause AND BSD-3-Clause 1
BSD-2-Clause AND GPL-2.0-or-later AND MIT 1
BSD-2-Clause AND LicenseRef-scancode-ietf AND LicenseRef-scancode-ietf-trust AND MIT AND Ruby 1
BSD-2-Clause AND MIT 1
BSD-2-Clause AND Ruby 1
BSD-2-Clause OR Ruby 1
BSD-3-Clause AND ISC AND MIT 1
BSD-3-Clause AND MIT 1
BSD-3-Clause AND Ruby 1
CC-BY-SA-2.5 AND CC-BY-SA-4.0 AND MIT 1
GPL-2.0 AND GPL-2.0-only 1
GPL-3.0-or-later 1
LicenseRef-scancode-free-unknown AND MIT 1
LicenseRef-scancode-proprietary-license 1
LicenseRef-scancode-warranty-disclaimer AND MIT 1
MIT AND OFL-1.1 1
WTFPL OR (MIT AND WTFPL) 1

CVE Severity

critical 0
high 5
medium 8
low 1
unknown 0

Beta — feedback welcome: [email protected]