Dependency Analysis
Docker Compose
Direct and transitive dependency freshness, license, and CVE exposure from the latest SBOM.
98%
Freshness
229
Dependencies
5
Outdated
0
Stale
8.6
Avg Behind
Dependency List
Latest release v5.1.3
| Dependency | Type | Current | Latest | Behind | CVE | License |
|---|---|---|---|---|---|---|
|
gitpython
pypi
|
Direct | 3.1.11 | — | — | 8 critical | BSD-2-Clause AND BSD-3-Clause |
|
certifi
pypi
|
Direct | 2021.5.30 | — | — | 3 high | MPL-2.0 |
|
cryptography
pypi
|
Direct | 3.3.2 | — | — | 10 high | Apache-2.0 AND BSD-3-Clause AND PSF-2.0 AND Python-2.0 |
|
github.com/docker/docker
golang
|
Transitive | v28.5.2+incompatible | — | — | 2 high | Apache-2.0 |
|
go.opentelemetry.io/otel/sdk
golang
|
Direct | v1.42.0 | — | — | 1 high | Apache-2.0 AND BSD-3-Clause |
|
pyinstaller
pypi
|
Direct | 4.1 | — | — | 2 high | GPL-3.0-or-later |
|
urllib3
pypi
|
Direct | 1.26.5 | — | — | 7 high | MIT |
|
virtualenv
pypi
|
Direct | 20.4.0 | — | — | 2 high | MIT |
|
filelock
pypi
|
Direct | 3.0.12 | — | — | 2 medium | Unlicense |
|
go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetrichttp
golang
|
Transitive | v1.42.0 | — | — | 1 medium | Unknown |
|
go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp
golang
|
Transitive | v1.42.0 | — | — | 1 medium | Apache-2.0 AND BSD-3-Clause |
|
idna
pypi
|
Direct | 2.10 | — | — | 1 medium | BSD-2-Clause |
|
paramiko
pypi
|
Direct | 2.7.2 | — | — | 2 medium | LGPL-2.1-or-later |
|
pynacl
pypi
|
Direct | 1.4.0 | — | — | 1 medium | Apache-2.0 |
|
requests
pypi
|
Direct | 2.25.1 | — | — | 1 medium | Apache-2.0 |
|
pyparsing
pypi
|
Direct | 2.4.7 | 3.3.2 | 40 behind | — | MIT |
|
docker
pypi
|
Direct | 5.0.0 | 7.1.0 | 15 behind | — | Apache-2.0 |
|
bcrypt
pypi
|
Direct | 3.2.0 | 5.0.0 | 12 behind | — | Apache-2.0 |
|
pyyaml
pypi
|
Direct | 5.4.1 | 6.0.3 | 6 behind | — | MIT |
|
distro
pypi
|
Direct | 1.5.0 | 1.9.0 | 4 behind | — | Apache-2.0 |
|
actions/checkout
githubactions
|
Direct | de0fac2e4500dabe0009e67214ff5f5447ce83dd | — | — | — | Unknown |
|
actions/create-github-app-token
githubactions
|
Direct | f8d387b68d61c58ab83c6c016672934102569859 | — | — | — | Unknown |
|
actions/download-artifact
githubactions
|
Direct | 3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c | — | — | — | Unknown |
|
actions/github-script
githubactions
|
Direct | ed597411d8f924073f98dfc5c65a23a2325f34cd | — | — | — | Unknown |
|
actions/setup-go
githubactions
|
Direct | 4b73464bb391d4059bd26b0524d20df3927bd417 | — | — | — | Unknown |
|
actions/stale
githubactions
|
Direct | b5d41d4e1d5dceea10e7104786b73624c18a190f | — | — | — | Unknown |
|
actions/upload-artifact
githubactions
|
Direct | bbbca2ddaa5d8feaa63e36b76fdaad77386f024f | — | — | — | Unknown |
|
actions/upload-artifact
githubactions
|
Direct | 043fb46d1a93c77aae656e7c1c64a875d1fc6a0a | — | — | — | Unknown |
|
altgraph
pypi
|
Direct | 0.17 | — | — | — | MIT |
|
appdirs
pypi
|
Direct | 1.4.4 | 1.4.4 | Current | — | MIT |
|
attrs
pypi
|
Direct | 20.3.0 | — | — | — | MIT |
|
backports-shutil-get-terminal-size
pypi
|
Direct | 1.0.0 | — | — | — | MIT |
|
cached-property
pypi
|
Direct | 1.5.1 | — | — | — | BSD-2-Clause AND BSD-3-Clause |
|
cffi
pypi
|
Direct | 1.14.4 | — | — | — | MIT |
|
chardet
pypi
|
Direct | 3.0.4 | — | — | — | LGPL-2.1-or-later |
|
click
pypi
|
Direct | 7.1.2 | — | — | — | BSD-3-Clause |
|
codecov/codecov-action
githubactions
|
Direct | 1af58845a975a7985b0beb0cbe6fbbb71a41dbad | — | — | — | Unknown |
|
colorama
pypi
|
Direct | 0.4.4 | — | — | — | BSD-2-Clause AND BSD-3-Clause |
|
coverage
pypi
|
Direct | 5.5 | — | — | — | Apache-2.0 |
|
ddt
|
Direct | >= 1.2.2,< 2 | — | — | — | Unknown |
|
ddt
pypi
|
Direct | 1.4.2 | — | — | — | MIT |
|
distlib
pypi
|
Direct | 0.3.1 | — | — | — | Python-2.0.1 |
|
distro
|
Direct | >= 1.5.0,< 2 | — | — | — | Unknown |
|
docker
|
Direct | >= 5 | — | — | — | Unknown |
|
docker-pycreds
pypi
|
Direct | 0.4.0 | 0.4.0 | Current | — | Apache-2.0 |
|
docker/bake-action
githubactions
|
Direct | 82490499d2e5613fcead7e128237ef0b0ea210f7 | — | — | — | Unknown |
|
docker/cagent-action/.github/workflows/review-pr.yml
githubactions
|
Direct | 2369328cd25777eb0a4ff959a399b6d1a5204fc7 | — | — | — | Unknown |
|
docker/docs/.github/workflows/validate-upstream.yml
githubactions
|
Direct | 464a44a6e72b37cf1755968477e242a5e5f6ef7d | — | — | — | Unknown |
|
docker/github-builder/.github/workflows/bake.yml
githubactions
|
Direct | 70313223e2665c3211b454b3fea6534624e78d64 | — | — | — | Unknown |
|
docker/setup-buildx-action
githubactions
|
Direct | 4d04d5d9486b7bd6fa91e7baf45bbb4f8b9deedd | — | — | — | Unknown |
|
dockerpty
|
Direct | >= 0.4.1,< 1 | — | — | — | Unknown |
|
dockerpty
pypi
|
Direct | 0.4.1 | — | — | — | Apache-2.0 |
|
docopt
|
Direct | >= 0.6.1,< 1 | — | — | — | Unknown |
|
docopt
pypi
|
Direct | 0.6.2 | 0.6.2 | Current | — | MIT |
|
entrypoints
pypi
|
Direct | 0.3 | — | — | — | MIT |
|
flake8
pypi
|
Direct | 3.8.3 | — | — | — | MIT |
|
gitdb2
pypi
|
Direct | 4.0.2 | — | — | — | BSD-3-Clause |
|
github.com/acarl005/stripansi
golang
|
Direct | v0.0.0-20180116102854-5a71ef0e047d | — | — | — | MIT |
|
github.com/alecaivazis/survey/v2
golang
|
Direct | v2.3.7 | — | — | — | MIT |
|
github.com/azure/go-ansiterm
golang
|
Transitive | v0.0.0-20250102033503-faa5f7b0171c | — | — | — | MIT |
|
github.com/buger/goterm
golang
|
Direct | v1.0.4 | — | — | — | MIT |
|
github.com/cenkalti/backoff/v5
golang
|
Transitive | v5.0.3 | — | — | — | MIT |
|
github.com/cespare/xxhash/v2
golang
|
Transitive | v2.3.0 | — | — | — | MIT |
|
github.com/compose-spec/compose-go/v2
golang
|
Direct | v2.10.2 | — | — | — | Unknown |
|
github.com/containerd/console
golang
|
Direct | v1.0.5 | — | — | — | Apache-2.0 |
|
github.com/containerd/containerd/api
golang
|
Transitive | v1.10.0 | — | — | — | Apache-2.0 |
|
github.com/containerd/containerd/v2
golang
|
Direct | v2.2.3 | — | — | — | Unknown |
|
github.com/containerd/continuity
golang
|
Transitive | v0.4.5 | — | — | — | Apache-2.0 |
|
github.com/containerd/errdefs
golang
|
Direct | v1.0.0 | — | — | — | Apache-2.0 |
|
github.com/containerd/errdefs/pkg
golang
|
Transitive | v0.3.0 | — | — | — | Apache-2.0 |
|
github.com/containerd/log
golang
|
Transitive | v0.1.0 | — | — | — | Apache-2.0 |
|
github.com/containerd/platforms
golang
|
Direct | v1.0.0-rc.4 | — | — | — | Unknown |
|
github.com/containerd/ttrpc
golang
|
Transitive | v1.2.8 | — | — | — | Unknown |
|
github.com/containerd/typeurl/v2
golang
|
Transitive | v2.2.3 | — | — | — | Apache-2.0 |
|
github.com/cpuguy83/go-md2man/v2
golang
|
Transitive | v2.0.7 | — | — | — | MIT |
|
github.com/creack/pty
golang
|
Direct | v1.1.24 | — | — | — | MIT |
|
github.com/defanglabs/secret-detector
golang
|
Direct | v0.0.0-20250403165618-22662109213e | — | — | — | Apache-2.0 |
|
github.com/distribution/reference
golang
|
Direct | v0.6.0 | — | — | — | Apache-2.0 |
|
github.com/docker/buildx
golang
|
Direct | v0.33.0 | — | — | — | Unknown |
|
github.com/docker/cli
golang
|
Direct | v29.4.0+incompatible | — | — | — | Unknown |
|
github.com/docker/cli-docs-tool
golang
|
Direct | v0.11.0 | — | — | — | Apache-2.0 |
|
github.com/docker/distribution
golang
|
Direct | v2.8.3+incompatible | — | — | — | Apache-2.0 |
|
github.com/docker/docker-credential-helpers
golang
|
Transitive | v0.9.5 | — | — | — | MIT |
|
github.com/docker/go-connections
golang
|
Transitive | v0.6.0 | — | — | — | Apache-2.0 |
|
github.com/docker/go-units
golang
|
Direct | v0.5.0 | — | — | — | Apache-2.0 |
|
github.com/eiannone/keyboard
golang
|
Direct | v0.0.0-20220611211555-0d226195f203 | — | — | — | MIT |
|
github.com/felixge/httpsnoop
golang
|
Transitive | v1.0.4 | — | — | — | MIT |
|
github.com/fsnotify/fsevents
golang
|
Direct | v0.2.0 | — | — | — | BSD-3-Clause |
|
github.com/fvbommel/sortorder
golang
|
Transitive | v1.1.0 | — | — | — | MIT |
|
github.com/go-logr/logr
golang
|
Transitive | v1.4.3 | — | — | — | Apache-2.0 |
|
github.com/go-logr/stdr
golang
|
Transitive | v1.2.2 | — | — | — | Apache-2.0 |
|
github.com/go-viper/mapstructure/v2
golang
|
Direct | v2.5.0 | — | — | — | MIT |
|
github.com/gofrs/flock
golang
|
Transitive | v0.13.0 | — | — | — | BSD-3-Clause |
|
github.com/gogo/protobuf
golang
|
Transitive | v1.3.2 | — | — | — | BSD-3-Clause |
|
github.com/golang-jwt/jwt/v5
golang
|
Transitive | v5.3.0 | — | — | — | MIT |
|
github.com/golang/protobuf
golang
|
Transitive | v1.5.4 | — | — | — | BSD-3-Clause |
|
github.com/google/go-cmp
golang
|
Direct | v0.7.0 | — | — | — | BSD-3-Clause |
|
github.com/google/shlex
golang
|
Transitive | v0.0.0-20191202100458-e7afc7fbc510 | — | — | — | Apache-2.0 |
|
github.com/google/uuid
golang
|
Direct | v1.6.0 | — | — | — | BSD-3-Clause |
|
github.com/gorilla/mux
golang
|
Direct | v1.8.1 | — | — | — | BSD-3-Clause |
|
github.com/grpc-ecosystem/grpc-gateway/v2
golang
|
Transitive | v2.28.0 | — | — | — | BSD-3-Clause |
|
github.com/hashicorp/errwrap
golang
|
Transitive | v1.1.0 | — | — | — | MPL-2.0 |
|
github.com/hashicorp/go-cleanhttp
golang
|
Transitive | v0.5.2 | — | — | — | MPL-2.0 |
|
github.com/hashicorp/go-multierror
golang
|
Transitive | v1.1.1 | — | — | — | MPL-2.0 |
|
github.com/hashicorp/go-version
golang
|
Direct | v1.9.0 | — | — | — | MPL-2.0 |
|
github.com/in-toto/attestation
golang
|
Transitive | v1.1.2 | — | — | — | Apache-2.0 |
|
github.com/in-toto/in-toto-golang
golang
|
Transitive | v0.10.0 | — | — | — | Unknown |
|
github.com/inconshreveable/mousetrap
golang
|
Transitive | v1.1.0 | — | — | — | Apache-2.0 |
|
github.com/inhies/go-bytesize
golang
|
Transitive | v0.0.0-20220417184213-4913239db9cf | — | — | — | BSD-3-Clause |
|
github.com/jonboulle/clockwork
golang
|
Direct | v0.5.0 | — | — | — | Apache-2.0 |
|
github.com/kballard/go-shellquote
golang
|
Transitive | v0.0.0-20180428030007-95032a82bc51 | — | — | — | MIT |
|
github.com/klauspost/compress
golang
|
Transitive | v1.18.5 | — | — | — | Apache-2.0 AND BSD-3-Clause AND MIT |
|
github.com/mattn/go-colorable
golang
|
Transitive | v0.1.14 | — | — | — | MIT |
|
github.com/mattn/go-isatty
golang
|
Transitive | v0.0.20 | — | — | — | MIT |
|
github.com/mattn/go-runewidth
golang
|
Transitive | v0.0.16 | — | — | — | MIT |
|
github.com/mattn/go-shellwords
golang
|
Direct | v1.0.13 | — | — | — | Unknown |
|
github.com/mgutz/ansi
golang
|
Transitive | v0.0.0-20170206155736-9520e82c474b | — | — | — | MIT |
|
github.com/microsoft/go-winio
golang
|
Direct | v0.6.2 | — | — | — | MIT |
|
github.com/mitchellh/go-ps
golang
|
Direct | v1.0.0 | — | — | — | MIT |
|
github.com/mitchellh/hashstructure/v2
golang
|
Transitive | v2.0.2 | — | — | — | MIT |
|
github.com/moby/buildkit
golang
|
Direct | v0.29.0 | — | — | — | Unknown |
|
github.com/moby/docker-image-spec
golang
|
Transitive | v1.3.1 | — | — | — | Apache-2.0 |
|
github.com/moby/go-archive
golang
|
Direct | v0.2.0 | — | — | — | Apache-2.0 |
|
github.com/moby/locker
golang
|
Transitive | v1.0.1 | — | — | — | Apache-2.0 |
|
github.com/moby/moby/api
golang
|
Direct | v1.54.1 | — | — | — | Unknown |
|
github.com/moby/moby/client
golang
|
Direct | v0.4.0 | — | — | — | Unknown |
|
github.com/moby/patternmatcher
golang
|
Direct | v0.6.1 | — | — | — | Unknown |
|
github.com/moby/sys/atomicwriter
golang
|
Direct | v0.1.0 | — | — | — | Apache-2.0 |
|
github.com/moby/sys/capability
golang
|
Transitive | v0.4.0 | — | — | — | BSD-2-Clause |
|
github.com/moby/sys/sequential
golang
|
Transitive | v0.6.0 | — | — | — | Apache-2.0 |
|
github.com/moby/sys/signal
golang
|
Transitive | v0.7.1 | — | — | — | Apache-2.0 |
|
github.com/moby/sys/symlink
golang
|
Transitive | v0.3.0 | — | — | — | Apache-2.0 AND BSD-3-Clause |
|
github.com/moby/sys/user
golang
|
Transitive | v0.4.0 | — | — | — | Apache-2.0 |
|
github.com/moby/sys/userns
golang
|
Transitive | v0.1.0 | — | — | — | Apache-2.0 |
|
github.com/moby/term
golang
|
Transitive | v0.5.2 | — | — | — | Apache-2.0 |
|
github.com/morikuni/aec
golang
|
Direct | v1.1.0 | — | — | — | MIT |
|
github.com/opencontainers/go-digest
golang
|
Direct | v1.0.0 | — | — | — | Apache-2.0 AND CC-BY-SA-4.0 |
|
github.com/opencontainers/image-spec
golang
|
Direct | v1.1.1 | — | — | — | Apache-2.0 AND LicenseRef-scancode-dco-1.1 AND MIT |
|
github.com/otiai10/copy
golang
|
Direct | v1.14.1 | — | — | — | MIT |
|
github.com/otiai10/mint
golang
|
Transitive | v1.6.3 | — | — | — | MIT |
|
github.com/pelletier/go-toml/v2
golang
|
Transitive | v2.2.4 | — | — | — | MIT |
|
github.com/pkg/errors
golang
|
Transitive | v0.9.1 | — | — | — | BSD-2-Clause |
|
github.com/planetscale/vtprotobuf
golang
|
Transitive | v0.6.1-0.20240319094008-0393e58bdf10 | — | — | — | BSD-3-Clause |
|
github.com/rivo/uniseg
golang
|
Transitive | v0.4.7 | — | — | — | MIT |
|
github.com/russross/blackfriday/v2
golang
|
Transitive | v2.1.0 | — | — | — | BSD-2-Clause |
|
github.com/santhosh-tekuri/jsonschema/v6
golang
|
Transitive | v6.0.1 | — | — | — | Apache-2.0 |
|
github.com/secure-systems-lab/go-securesystemslib
golang
|
Transitive | v0.10.0 | — | — | — | MIT |
|
github.com/shibumi/go-pathspec
golang
|
Transitive | v1.3.0 | — | — | — | Apache-2.0 AND BSD-3-Clause |
|
github.com/sigstore/sigstore
golang
|
Transitive | v1.10.4 | — | — | — | Apache-2.0 |
|
github.com/sigstore/sigstore-go
golang
|
Transitive | v1.1.4 | — | — | — | Apache-2.0 |
|
github.com/sirupsen/logrus
golang
|
Direct | v1.9.4 | — | — | — | MIT |
|
github.com/skratchdot/open-golang
golang
|
Direct | v0.0.0-20200116055534-eef842397966 | — | — | — | MIT |
|
github.com/spf13/cobra
golang
|
Direct | v1.10.2 | — | — | — | Apache-2.0 |
|
github.com/spf13/pflag
golang
|
Direct | v1.0.10 | — | — | — | BSD-3-Clause |
|
github.com/tilt-dev/fsnotify
golang
|
Direct | v1.4.8-0.20220602155310-fff9c274a375 | — | — | — | BSD-3-Clause |
|
github.com/tonistiigi/dchapes-mode
golang
|
Transitive | v0.0.0-20250318174251-73d941a28323 | — | — | — | BSD-2-Clause |
|
github.com/tonistiigi/fsutil
golang
|
Transitive | v0.0.0-20251211185533-a2aa163d723f | — | — | — | MIT |
|
github.com/tonistiigi/go-csvvalue
golang
|
Transitive | v0.0.0-20240814133006-030d3b2625d0 | — | — | — | MIT |
|
github.com/tonistiigi/units
golang
|
Transitive | v0.0.0-20180711220420-6950e57a87ea | — | — | — | MIT |
|
github.com/tonistiigi/vt100
golang
|
Transitive | v0.0.0-20240514184818-90bafcd6abab | — | — | — | MIT |
|
github.com/xhit/go-str2duration/v2
golang
|
Transitive | v2.1.0 | — | — | — | BSD-3-Clause |
|
github/codeql-action/upload-sarif
githubactions
|
Direct | b8d3b6e8af63cde30bdc382c0bc28114f4346c88 | — | — | — | Unknown |
|
go.opentelemetry.io/auto/sdk
golang
|
Transitive | v1.2.1 | — | — | — | Apache-2.0 |
|
go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc
golang
|
Transitive | v0.63.0 | — | — | — | Apache-2.0 AND BSD-3-Clause |
|
go.opentelemetry.io/contrib/instrumentation/net/http/httptrace/otelhttptrace
golang
|
Transitive | v0.63.0 | — | — | — | Apache-2.0 AND BSD-3-Clause |
|
go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp
golang
|
Direct | v0.63.0 | — | — | — | Apache-2.0 AND BSD-3-Clause |
|
go.opentelemetry.io/otel
golang
|
Direct | v1.42.0 | — | — | — | Apache-2.0 AND BSD-3-Clause |
|
go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetricgrpc
golang
|
Transitive | v1.42.0 | — | — | — | Apache-2.0 AND BSD-3-Clause |
|
go.opentelemetry.io/otel/exporters/otlp/otlptrace
golang
|
Direct | v1.42.0 | — | — | — | Apache-2.0 AND BSD-3-Clause |
|
go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc
golang
|
Direct | v1.42.0 | — | — | — | Unknown |
|
go.opentelemetry.io/otel/metric
golang
|
Direct | v1.42.0 | — | — | — | Apache-2.0 AND BSD-3-Clause |
|
go.opentelemetry.io/otel/sdk/metric
golang
|
Transitive | v1.42.0 | — | — | — | Apache-2.0 AND BSD-3-Clause |
|
go.opentelemetry.io/otel/trace
golang
|
Direct | v1.42.0 | — | — | — | Apache-2.0 AND BSD-3-Clause |
|
go.opentelemetry.io/proto/otlp
golang
|
Transitive | v1.9.0 | — | — | — | Apache-2.0 |
|
go.uber.org/goleak
golang
|
Direct | v1.3.0 | — | — | — | MIT |
|
go.uber.org/mock
golang
|
Direct | v0.6.0 | — | — | — | Apache-2.0 |
|
go.yaml.in/yaml/v3
golang
|
Transitive | v3.0.4 | — | — | — | Apache-2.0 AND MIT |
|
go.yaml.in/yaml/v4
golang
|
Direct | v4.0.0-rc.4 | — | — | — | Apache-2.0 AND MIT |
|
golang.org/x/crypto
golang
|
Transitive | v0.48.0 | — | — | — | BSD-3-Clause AND LicenseRef-scancode-google-patent-license-golang |
|
golang.org/x/net
golang
|
Transitive | v0.51.0 | — | — | 1 unknown | BSD-3-Clause AND LicenseRef-scancode-google-patent-license-golang |
|
golang.org/x/sync
golang
|
Direct | v0.20.0 | — | — | — | BSD-3-Clause AND LicenseRef-scancode-google-patent-license-golang |
|
golang.org/x/sys
golang
|
Direct | v0.42.0 | — | — | — | BSD-3-Clause AND LicenseRef-scancode-google-patent-license-golang |
|
golang.org/x/term
golang
|
Transitive | v0.41.0 | — | — | — | BSD-3-Clause AND LicenseRef-scancode-google-patent-license-golang |
|
golang.org/x/text
golang
|
Transitive | v0.34.0 | — | — | — | BSD-3-Clause AND LicenseRef-scancode-google-patent-license-golang |
|
golang.org/x/time
golang
|
Transitive | v0.14.0 | — | — | — | BSD-3-Clause AND LicenseRef-scancode-google-patent-license-golang |
|
google.golang.org/genproto/googleapis/api
golang
|
Transitive | v0.0.0-20260209200024-4cfbd4190f57 | — | — | — | Apache-2.0 |
|
google.golang.org/genproto/googleapis/rpc
golang
|
Transitive | v0.0.0-20260209200024-4cfbd4190f57 | — | — | — | Apache-2.0 |
|
google.golang.org/grpc
golang
|
Direct | v1.80.0 | — | — | — | Apache-2.0 |
|
google.golang.org/protobuf
golang
|
Transitive | v1.36.11 | — | — | — | BSD-3-Clause AND LicenseRef-scancode-google-patent-license-golang |
|
gopkg.in/ini.v1
golang
|
Transitive | v1.67.0 | — | — | — | Apache-2.0 |
|
gopkg.in/yaml.v3
golang
|
Transitive | v3.0.1 | — | — | — | Apache-2.0 |
|
gotest.tools/v3
golang
|
Direct | v3.5.2 | — | — | — | Apache-2.0 |
|
ipaddress
pypi
|
Direct | 1.0.23 | — | — | — | PSF-2.0 |
|
jsonschema
|
Direct | >= 2.5.1,< 4 | — | — | — | Unknown |
|
jsonschema
pypi
|
Direct | 3.2.0 | — | — | — | MIT |
|
mccabe
pypi
|
Direct | 0.6.1 | — | — | — | MIT |
|
mock
pypi
|
Direct | 3.0.5 | — | — | — | BSD-2-Clause |
|
more-itertools
pypi
|
Direct | 5.0.0 | — | — | — | MIT |
|
mxschmitt/action-tmate
githubactions
|
Direct | c0afd6f790e3a5564914980036ebf83216678101 | — | — | — | Unknown |
|
ncipollo/release-action
githubactions
|
Direct | 339a81892b84b4eeb0f6e744e4574d79d0d9b8dd | — | — | — | Unknown |
|
ossf/scorecard-action
githubactions
|
Direct | 4eaacf0543bb3f2c246792bd56e8cdeffafb205a | — | — | — | Unknown |
|
packaging
pypi
|
Direct | 20.9 | — | — | — | Apache-2.0 AND BSD-2-Clause |
|
pluggy
pypi
|
Direct | 0.13.1 | — | — | — | MIT |
|
py
pypi
|
Direct | 1.10.0 | — | — | 1 unknown | MIT |
|
pycodestyle
pypi
|
Direct | 2.6.0 | — | — | — | MIT |
|
pycparser
pypi
|
Direct | 2.20 | — | — | — | BSD-3-Clause |
|
pyflakes
pypi
|
Direct | 2.2.0 | — | — | — | MIT |
|
pyrsistent
pypi
|
Direct | 0.16.0 | — | — | — | MIT |
|
pysocks
pypi
|
Direct | 1.7.1 | 1.7.1 | Current | — | BSD-3-Clause |
|
pytest
|
Direct | < 6 | — | — | — | Unknown |
|
pytest
pypi
|
Direct | 4.6.5 | — | — | — | MIT |
|
pytest-cov
pypi
|
Direct | 2.10.1 | — | — | — | MIT |
|
python-dotenv
|
Direct | >= 0.13.0,< 1 | — | — | — | Unknown |
|
python-dotenv
pypi
|
Direct | 0.17.0 | — | — | — | BSD-2-Clause AND BSD-3-Clause |
|
pywin32
pypi
|
Direct | 301 | — | — | — | PSF-2.0 |
|
pyyaml
|
Direct | >= 3.10,< 6 | — | — | — | Unknown |
|
requests
|
Direct | >= 2.20.0,< 3 | — | — | — | Unknown |
|
smmap
pypi
|
Direct | 3.0.4 | — | — | — | BSD-2-Clause |
|
smmap2
pypi
|
Direct | 3.0.1 | — | — | — | BSD-3-Clause |
|
tags.cncf.io/container-device-interface
golang
|
Direct | v1.1.0 | — | — | — | Apache-2.0 |
|
test-summary/action
githubactions
|
Direct | 31493c76ec9e7aa675f1585d3ed6f1da69269a86 | — | — | — | Unknown |
|
texttable
|
Direct | >= 0.9.0,< 2 | — | — | — | Unknown |
|
texttable
pypi
|
Direct | 1.6.3 | — | — | — | MIT |
|
toml
pypi
|
Direct | 0.10.1 | — | — | — | MIT |
|
tox
pypi
|
Direct | 3.21.2 | — | — | — | MIT |
|
wcwidth
pypi
|
Direct | 0.2.5 | — | — | — | MIT |
|
websocket-client
|
Direct | >= 0.32.0,< 1 | — | — | — | Unknown |
|
websocket-client
pypi
|
Direct | 1.1.0 | — | — | — | LGPL-2.1-or-later |
License Breakdown
MIT
62
Apache-2.0
51
Unknown
45
BSD-3-Clause
18
Apache-2.0 AND BSD-3-Clause
13
BSD-3-Clause AND LicenseRef-scancode-google-patent-license-golang
8
BSD-2-Clause
7
MPL-2.0
5
BSD-2-Clause AND BSD-3-Clause
4
LGPL-2.1-or-later
3
Apache-2.0 AND MIT
2
PSF-2.0
2
Apache-2.0 AND BSD-2-Clause
1
Apache-2.0 AND BSD-3-Clause AND MIT
1
Apache-2.0 AND BSD-3-Clause AND PSF-2.0 AND Python-2.0
1
Apache-2.0 AND CC-BY-SA-4.0
1
Apache-2.0 AND LicenseRef-scancode-dco-1.1 AND MIT
1
GPL-3.0-or-later
1
Python-2.0.1
1
Unlicense
1
CVE Severity
critical
1
high
7
medium
7
low
0
unknown
2