drawio

Direct and transitive dependency freshness, license, and CVE exposure from the latest SBOM.

Security Export CSV

51% Freshness

69 Dependencies

29 Outdated

0 Stale

5.2 Avg Behind

Dependency List

Latest release v29.7.11

All 68 Outdated 35 Has CVE 1 GPL 13

Dependency	Type	Current	Latest	Behind	CVE	License
@img/sharp-libvips-linux-x64 npm	Direct	1.1.0	1.2.4	14 behind	—	BSD-2-Clause AND LGPL-2.0-only AND LGPL-2.1-only AND LGPL-3.0-only AND LGPL-3.0-or-later AND LicenseRef-scancode-alliance-open-media-patent-1.0 AND LicenseRef-scancode-other-permissive AND MIT AND MPL-2.0
@img/sharp-libvips-linux-arm64 npm	Direct	1.1.0	1.2.4	13 behind	—	BSD-2-Clause AND LGPL-2.0-only AND LGPL-2.1-only AND LGPL-3.0-only AND LGPL-3.0-or-later AND LicenseRef-scancode-alliance-open-media-patent-1.0 AND LicenseRef-scancode-other-permissive AND MIT AND MPL-2.0
@img/sharp-libvips-darwin-arm64 npm	Direct	1.1.0	1.2.4	12 behind	—	BSD-2-Clause AND LGPL-2.0-only AND LGPL-2.1-only AND LGPL-3.0-only AND LGPL-3.0-or-later AND LicenseRef-scancode-alliance-open-media-patent-1.0 AND LicenseRef-scancode-other-permissive AND MIT AND MPL-2.0
@img/sharp-libvips-darwin-x64 npm	Direct	1.1.0	1.2.4	12 behind	—	BSD-2-Clause AND LGPL-2.0-only AND LGPL-2.1-only AND LGPL-3.0-only AND LGPL-3.0-or-later AND LicenseRef-scancode-alliance-open-media-patent-1.0 AND LicenseRef-scancode-other-permissive AND MIT AND MPL-2.0
@img/sharp-libvips-linux-arm npm	Direct	1.1.0	1.2.4	12 behind	—	BSD-2-Clause AND LGPL-2.0-only AND LGPL-2.1-only AND LGPL-3.0-only AND LGPL-3.0-or-later AND LicenseRef-scancode-alliance-open-media-patent-1.0 AND LicenseRef-scancode-other-permissive AND MIT AND MPL-2.0
@img/sharp-libvips-linux-ppc64 npm	Direct	1.1.0	1.2.4	12 behind	—	BSD-2-Clause AND LGPL-2.0-only AND LGPL-2.1-only AND LGPL-3.0-only AND LGPL-3.0-or-later AND LicenseRef-scancode-alliance-open-media-patent-1.0 AND LicenseRef-scancode-other-permissive AND MIT AND MPL-2.0
@img/sharp-libvips-linux-s390x npm	Direct	1.1.0	1.2.4	12 behind	—	BSD-2-Clause AND LGPL-2.0-only AND LGPL-2.1-only AND LGPL-3.0-only AND LGPL-3.0-or-later AND LicenseRef-scancode-alliance-open-media-patent-1.0 AND LicenseRef-scancode-other-permissive AND MIT AND MPL-2.0
@img/sharp-libvips-linuxmusl-arm64 npm	Direct	1.1.0	1.2.4	12 behind	—	BSD-2-Clause AND LGPL-2.0-only AND LGPL-2.1-only AND LGPL-3.0-only AND LGPL-3.0-or-later AND LicenseRef-scancode-alliance-open-media-patent-1.0 AND LicenseRef-scancode-other-permissive AND MIT AND MPL-2.0
@img/sharp-libvips-linuxmusl-x64 npm	Direct	1.1.0	1.2.4	12 behind	—	BSD-2-Clause AND LGPL-2.0-only AND LGPL-2.1-only AND LGPL-3.0-only AND LGPL-3.0-or-later AND LicenseRef-scancode-alliance-open-media-patent-1.0 AND LicenseRef-scancode-other-permissive AND MIT AND MPL-2.0
@img/sharp-wasm32 npm	Direct	0.34.0	—	—	—	Apache-2.0 AND LGPL-3.0-or-later AND MIT
@img/sharp-win32-ia32 npm	Direct	0.34.0	—	—	—	Apache-2.0 AND BSD-2-Clause AND LGPL-2.0-only AND LGPL-2.1-only AND LGPL-3.0-only AND LGPL-3.0-or-later AND LicenseRef-scancode-other-permissive AND MIT AND MPL-2.0
@img/sharp-win32-x64 npm	Direct	0.34.0	—	—	—	Apache-2.0 AND LGPL-3.0-or-later
jsZip npm	Direct	3.10.1	3.10.1	Current	—	GPL-3.0-only OR MIT

License Breakdown

MIT 31

Apache-2.0 11

BSD-2-Clause AND LGPL-2.0-only AND LGPL-2.1-only AND LGPL-3.0-only AND LGPL-3.0-or-later AND LicenseRef-scancode-alliance-open-media-patent-1.0 AND LicenseRef-scancode-other-permissive AND MIT AND MPL-2.0 9

ISC 5

Unknown 5

(MPL-2.0 OR Apache-2.0) 1

0BSD 1

Apache-2.0 AND BSD-2-Clause AND LGPL-2.0-only AND LGPL-2.1-only AND LGPL-3.0-only AND LGPL-3.0-or-later AND LicenseRef-scancode-other-permissive AND MIT AND MPL-2.0 1

Apache-2.0 AND LGPL-3.0-or-later 1

Apache-2.0 AND LGPL-3.0-or-later AND MIT 1

GPL-3.0-only OR MIT 1

MIT AND Zlib 1

CVE Severity

critical 1

high 0

medium 0

low 0

unknown 0