Tools / docs / Dependencies

Dependency Analysis

docs

Direct and transitive dependency freshness, license, and CVE exposure from the latest SBOM.

Security Export CSV

58% Freshness

2630 Dependencies

911 Outdated

0 Stale

11.8 Avg Behind

Dependency List

Latest release v5.0.0

All 2629 Outdated 1217 Has CVE 6 GPL 18

Dependency	Type	Current	Latest	Behind	CVE	License
@opentelemetry/api npm	Transitive	1.9.0	1.9.1	1 behind	—	Apache-2.0 OR (Apache-2.0 AND LGPL-3.0-only)
lxml pypi	Direct	6.1.0	6.1.1	1 behind	—	BSD-3-Clause AND GPL-1.0-or-later AND LicenseRef-scancode-unknown-license-reference
psycopg pypi	Direct	3.3.3	3.3.4	1 behind	—	LGPL-3.0 AND LGPL-3.0-only
@img/sharp-libvips-darwin-arm64 npm	Transitive	1.2.4	1.2.4	Current	—	BSD-2-Clause AND LGPL-2.0-only AND LGPL-2.1-only AND LGPL-3.0-only AND LGPL-3.0-or-later AND LicenseRef-scancode-other-permissive AND MIT AND MPL-2.0
@img/sharp-libvips-darwin-x64 npm	Transitive	1.2.4	1.2.4	Current	—	BSD-2-Clause AND LGPL-2.0-only AND LGPL-2.1-only AND LGPL-3.0-only AND LGPL-3.0-or-later AND LicenseRef-scancode-other-permissive AND MIT AND MPL-2.0
@img/sharp-libvips-linux-arm npm	Transitive	1.2.4	1.2.4	Current	—	BSD-2-Clause AND LGPL-2.0-only AND LGPL-2.1-only AND LGPL-3.0-only AND LGPL-3.0-or-later AND LicenseRef-scancode-other-permissive AND MIT AND MPL-2.0
@img/sharp-libvips-linux-arm64 npm	Transitive	1.2.4	1.2.4	Current	—	BSD-2-Clause AND LGPL-2.0-only AND LGPL-2.1-only AND LGPL-3.0-only AND LGPL-3.0-or-later AND LicenseRef-scancode-other-permissive AND MIT AND MPL-2.0
@img/sharp-libvips-linux-ppc64 npm	Transitive	1.2.4	1.2.4	Current	—	BSD-2-Clause AND LGPL-2.0-only AND LGPL-2.1-only AND LGPL-3.0-only AND LGPL-3.0-or-later AND LicenseRef-scancode-other-permissive AND MIT AND MPL-2.0
@img/sharp-libvips-linux-riscv64 npm	Transitive	1.2.4	1.2.4	Current	—	BSD-2-Clause AND LGPL-2.0-only AND LGPL-2.1-only AND LGPL-3.0-only AND LGPL-3.0-or-later AND LicenseRef-scancode-other-permissive AND MIT AND MPL-2.0
@img/sharp-libvips-linux-s390x npm	Transitive	1.2.4	1.2.4	Current	—	BSD-2-Clause AND LGPL-2.0-only AND LGPL-2.1-only AND LGPL-3.0-only AND LGPL-3.0-or-later AND LicenseRef-scancode-other-permissive AND MIT AND MPL-2.0
@img/sharp-libvips-linux-x64 npm	Transitive	1.2.4	1.2.4	Current	—	BSD-2-Clause AND LGPL-2.0-only AND LGPL-2.1-only AND LGPL-3.0-only AND LGPL-3.0-or-later AND LicenseRef-scancode-other-permissive AND MIT AND MPL-2.0
@img/sharp-libvips-linuxmusl-arm64 npm	Transitive	1.2.4	1.2.4	Current	—	BSD-2-Clause AND LGPL-2.0-only AND LGPL-2.1-only AND LGPL-3.0-only AND LGPL-3.0-or-later AND LicenseRef-scancode-other-permissive AND MIT AND MPL-2.0
@img/sharp-libvips-linuxmusl-x64 npm	Transitive	1.2.4	1.2.4	Current	—	BSD-2-Clause AND LGPL-2.0-only AND LGPL-2.1-only AND LGPL-3.0-only AND LGPL-3.0-or-later AND LicenseRef-scancode-other-permissive AND MIT AND MPL-2.0
@img/sharp-win32-arm64 npm	Transitive	0.34.5	0.34.5	Current	—	Apache-2.0 AND BSD-2-Clause AND LGPL-2.0-only AND LGPL-2.1-only AND LGPL-3.0-only AND LGPL-3.0-or-later AND LicenseRef-scancode-other-permissive AND MIT AND MPL-2.0
@img/sharp-win32-ia32 npm	Transitive	0.34.5	0.34.5	Current	—	Apache-2.0 AND BSD-2-Clause AND LGPL-2.0-only AND LGPL-2.1-only AND LGPL-3.0-only AND LGPL-3.0-or-later AND LicenseRef-scancode-other-permissive AND MIT AND MPL-2.0
@img/sharp-win32-x64 npm	Transitive	0.34.5	0.34.5	Current	—	Apache-2.0 AND BSD-2-Clause AND LGPL-2.0-only AND LGPL-2.1-only AND LGPL-3.0-only AND LGPL-3.0-or-later AND LicenseRef-scancode-other-permissive AND MIT AND MPL-2.0
@opentelemetry/api npm	Transitive	1.9.1	1.9.1	Current	—	Apache-2.0 OR (Apache-2.0 AND LGPL-3.0-only)
jszip npm	Transitive	3.10.1	3.10.1	Current	—	GPL-3.0-only OR MIT

License Breakdown

MIT 1924

Apache-2.0 293

ISC 93

Unknown 89

BSD-3-Clause 48

BSD-2-Clause 45

MPL-2.0 25

BlueOak-1.0.0 14

BSD-2-Clause AND LGPL-2.0-only AND LGPL-2.1-only AND LGPL-3.0-only AND LGPL-3.0-or-later AND LicenseRef-scancode-other-permissive AND MIT AND MPL-2.0 10

FSL-1.1-MIT 9

Apache-2.0 AND MIT 8

BSD-2-Clause AND BSD-3-Clause 8

CC0-1.0 7

CC0-1.0 AND MIT 6

OFL-1.1 6

ISC AND MIT 5

MIT-0 5

Apache-2.0 AND BSD-2-Clause AND LGPL-2.0-only AND LGPL-2.1-only AND LGPL-3.0-only AND LGPL-3.0-or-later AND LicenseRef-scancode-other-permissive AND MIT AND MPL-2.0 3

CC-BY-4.0 3

Apache-2.0 AND OFL-1.1 AND Ubuntu-font-1.0 2

Apache-2.0 OR (Apache-2.0 AND LGPL-3.0-only) 2

LicenseRef-scancode-unicode AND MIT 2

MIT AND Zlib 2

MIT OR (CC0-1.0 AND MIT) 2

Python-2.0 2

(MIT OR CC0-1.0) 1

(MPL-2.0 OR Apache-2.0) 1

0BSD 1

0BSD AND ISC AND MIT 1

0BSD AND MIT 1

AFL-2.1 AND AFL-3.0 AND BSD-3-Clause 1

Apache-2.0 AND BSD-2-Clause 1

Apache-2.0 AND CC-BY-3.0 AND CC-BY-4.0 AND CC-BY-SA-3.0 AND CC0-1.0 AND ISC AND LicenseRef-scancode-unknown-license-reference AND MIT AND MPL-2.0 AND OFL-1.1 1

BSD-2-Clause AND BSD-2-Clause-Views 1

BSD-3-Clause AND CC-BY-SA-4.0 1

BSD-3-Clause AND GPL-1.0-or-later AND LicenseRef-scancode-unknown-license-reference 1

CC-BY-3.0 AND CC-BY-SA-3.0 AND MIT 1

GPL-3.0-only OR MIT 1

LGPL-3.0 AND LGPL-3.0-only 1

MIT AND HPND 1

Unlicense 1

CVE Severity

critical 0

high 5

medium 1

low 0

unknown 0