Dependency Analysis
droidrun
Direct and transitive dependency freshness, license, and CVE exposure from the latest SBOM.
59%
Freshness
221
Dependencies
64
Outdated
0
Stale
3.0
Avg Behind
Dependency List
Latest release v0.5.9
| Dependency | Type | Current | Latest | Behind | CVE | License |
|---|---|---|---|---|---|---|
|
strawberry-graphql
pypi
|
Transitive | 0.287.3 | 0.316.0 | 74 behind | 2 high | MIT |
|
black
pypi
|
Direct | 25.9.0 | 26.5.1 | 8 behind | 1 high | MIT |
|
python-multipart
pypi
|
Transitive | 0.0.22 | 0.0.30 | 8 behind | 2 high | Apache-2.0 |
|
mako
pypi
|
Transitive | 1.3.10 | 1.3.12 | 2 behind | 2 high | MIT |
|
banks
pypi
|
Transitive | 2.4.1 | 2.4.2 | 1 behind | 1 high | Unknown |
|
pypdf
pypi
|
Transitive | 6.9.2 | 6.12.2 | 7 behind | 5 medium | Unknown |
|
authlib
pypi
|
Transitive | 1.6.9 | 1.7.2 | 6 behind | 1 medium | BSD-3-Clause |
|
cryptography
pypi
|
Transitive | 46.0.6 | 48.0.0 | 3 behind | 1 medium | BSD-3-Clause OR Apache-2.0 |
|
llama-parse
pypi
|
Transitive | 0.5.20 | 0.6.94 | 82 behind | — | MIT |
|
arize-phoenix
pypi
|
Direct | 13.21.0 | 17.2.0 | 49 behind | — | Unknown |
|
boto3
pypi
|
Direct | 1.42.83 | 1.43.22 | 37 behind | — | Unknown |
|
botocore
pypi
|
Transitive | 1.42.83 | 1.43.22 | 37 behind | — | Unknown |
|
llama-index-workflows
pypi
|
Direct | 2.8.3 | 2.20.0 | 35 behind | — | MIT |
|
wrapt
pypi
|
Transitive | 1.17.3 | 2.2.1 | 33 behind | — | BSD-2-Clause |
|
langfuse
pypi
|
Direct | 3.12.1 | 4.7.1 | 29 behind | — | Unknown |
|
llama-index-llms-anthropic
pypi
|
Direct | 0.8.6 | 0.11.5 | 26 behind | — | MIT |
|
posthog
pypi
|
Direct | 7.9.12 | 7.17.0 | 25 behind | — | Unknown |
|
anthropic
pypi
|
Direct | 0.89.0 | 0.105.2 | 21 behind | — | Unknown |
|
google-auth
pypi
|
Transitive | 2.49.1 | 3.0.0.dev0 | 17 behind | — | Apache-2.0 |
|
google-genai
pypi
|
Transitive | 1.70.0 | 2.8.0 | 16 behind | — | Unknown |
|
llama-index
pypi
|
Direct | 0.14.4 | 0.14.22 | 16 behind | — | MIT |
|
openai
pypi
|
Transitive | 2.30.0 | 2.41.0 | 12 behind | — | Apache-2.0 |
|
typer
pypi
|
Transitive | 0.24.1 | 0.26.7 | 11 behind | — | MIT |
|
llama-cloud
pypi
|
Transitive | 1.6.0 | 2.8.0 | 10 behind | — | Unknown |
|
llama-index-llms-openai
pypi
|
Direct | 0.6.26 | 0.7.9 | 10 behind | — | Unknown |
|
pydantic
pypi
|
Direct | 2.12.5 | 2.13.4 | 10 behind | — | MIT |
|
pydantic-core
pypi
|
Transitive | 2.41.5 | 2.47.0 | 9 behind | — | MIT |
|
openinference-instrumentation
pypi
|
Transitive | 0.1.46 | 0.1.53 | 7 behind | — | Apache-2.0 |
|
pandas
pypi
|
Transitive | 2.3.3 | 3.0.3 | 7 behind | — | BSD-2-Clause AND BSD-3-Clause |
|
safety
pypi
|
Direct | 3.7.0 | 3.8.1 | 7 behind | — | LicenseRef-scancode-proprietary-license AND MIT |
|
cachetools
pypi
|
Transitive | 7.0.5 | 7.1.4 | 6 behind | — | MIT |
|
marshmallow
pypi
|
Transitive | 3.26.2 | 4.3.0 | 6 behind | — | BSD-3-Clause AND MIT |
|
mobilerun
pypi
|
Direct | 0.6.0rc2 | 0.6.2 | 6 behind | — | Unknown |
|
mobilerun
pypi
|
Direct | 0.6.0rc2 | 0.6.2 | 6 behind | — | Unknown |
|
openinference-instrumentation-openai
pypi
|
Transitive | 0.1.44 | 0.1.50 | 6 behind | — | Unknown |
|
ruff
pypi
|
Direct | 0.15.9 | 0.15.15 | 6 behind | — | Unknown |
|
sqlean-py
pypi
|
Transitive | 3.49.1 | 3.50.4.5 | 6 behind | — | Unknown |
|
striprtf
pypi
|
Transitive | 0.0.26 | 0.0.32 | 6 behind | — | BSD-2-Clause AND BSD-3-Clause |
|
uvicorn
pypi
|
Transitive | 0.43.0 | 0.49.0 | 6 behind | — | BSD-3-Clause |
|
arize-phoenix-client
pypi
|
Transitive | 2.3.0 | 2.7.0 | 5 behind | — | Unknown |
|
protobuf
pypi
|
Transitive | 6.33.6 | 7.35.0 | 5 behind | — | Unknown |
|
textual
pypi
|
Direct | 8.2.2 | 8.2.7 | 5 behind | — | Unknown |
|
fastapi
pypi
|
Transitive | 0.135.3 | 0.136.3 | 4 behind | — | MIT |
|
llama-index-llms-google-genai
pypi
|
Direct | 0.9.1 | 0.9.5 | 4 behind | — | Unknown |
|
mypy
pypi
|
Direct | 1.20.0 | 2.1.0 | 4 behind | — | MIT AND Python-2.0 AND Python-2.0.1 AND BSD-2-Clause AND MIT AND Python-2.0 AND Python-2.0.1 AND BSD-2-Clause |
|
openinference-instrumentation-llama-index
pypi
|
Direct | 4.3.9 | 4.4.2 | 4 behind | — | Apache-2.0 |
|
opentelemetry-api
pypi
|
Transitive | 1.40.0 | 1.42.1 | 4 behind | — | Apache-2.0 |
|
opentelemetry-exporter-otlp
pypi
|
Transitive | 1.40.0 | 1.42.1 | 4 behind | — | Unknown |
|
opentelemetry-exporter-otlp-proto-common
pypi
|
Transitive | 1.40.0 | 1.42.1 | 4 behind | — | Apache-2.0 |
|
opentelemetry-exporter-otlp-proto-grpc
pypi
|
Transitive | 1.40.0 | 1.42.1 | 4 behind | — | Unknown |
|
opentelemetry-exporter-otlp-proto-http
pypi
|
Transitive | 1.40.0 | 1.42.1 | 4 behind | — | Apache-2.0 |
|
opentelemetry-proto
pypi
|
Transitive | 1.40.0 | 1.42.1 | 4 behind | — | Apache-2.0 |
|
opentelemetry-sdk
pypi
|
Transitive | 1.40.0 | 1.42.1 | 4 behind | — | Apache-2.0 |
|
requests
pypi
|
Transitive | 2.33.1 | 2.34.2 | 4 behind | — | Apache-2.0 |
|
s3transfer
pypi
|
Transitive | 0.16.0 | 0.18.0 | 4 behind | — | Apache-2.0 |
|
sse-starlette
pypi
|
Transitive | 3.3.4 | 3.4.4 | 4 behind | — | Unknown |
|
starlette
pypi
|
Transitive | 1.0.0 | 1.2.1 | 4 behind | — | BSD-3-Clause |
|
click
pypi
|
Transitive | 8.3.2 | 8.4.1 | 3 behind | — | BSD-3-Clause |
|
cross-web
pypi
|
Transitive | 0.4.1 | 0.7.0 | 3 behind | — | Unknown |
|
filelock
pypi
|
Transitive | 3.25.2 | 3.29.1 | 3 behind | — | MIT |
|
greenlet
pypi
|
Transitive | 3.3.2 | 3.5.1 | 3 behind | — | MIT AND PSF-2.0 |
|
httpx
pypi
|
Direct | 0.28.1 | 1.0.0.dev3 | 3 behind | — | BSD-3-Clause |
|
librt
pypi
|
Transitive | 0.8.1 | 0.11.0 | 3 behind | — | BSD-2-Clause AND MIT AND Python-2.0 AND Python-2.0.1 |
|
llama-index-core
pypi
|
Transitive | 0.14.19 | 0.14.22 | 3 behind | — | Unknown |
|
llama-index-llms-openai-like
pypi
|
Direct | 0.6.0 | 0.7.2 | 3 behind | — | Unknown |
|
arize-phoenix-evals
pypi
|
Transitive | 2.13.0 | 3.1.0 | 2 behind | — | Unknown |
|
arize-phoenix-otel
pypi
|
Transitive | 0.15.0 | 0.16.1 | 2 behind | — | Unknown |
|
certifi
pypi
|
Transitive | 2026.2.25 | 2026.5.20 | 2 behind | — | MPL-2.0 |
|
decorator
pypi
|
Transitive | 5.2.1 | 5.3.1 | 2 behind | — | BSD-2-Clause AND BSD-3-Clause |
|
grpcio
pypi
|
Transitive | 1.80.0 | 1.81.0 | 2 behind | — | Apache-2.0 AND BSD-3-Clause AND MPL-2.0 |
|
importlib-metadata
pypi
|
Transitive | 8.7.1 | 9.0.0 | 2 behind | — | Apache-2.0 |
|
jiter
pypi
|
Transitive | 0.13.0 | 0.15.0 | 2 behind | — | MIT |
|
llama-index-cli
pypi
|
Transitive | 0.5.5 | 0.5.7 | 2 behind | — | Unknown |
|
markdown-it-py
pypi
|
Transitive | 4.0.0 | 4.2.0 | 2 behind | — | MIT |
|
mcp
pypi
|
Direct | 1.27.0 | 1.27.2 | 2 behind | — | Unknown |
|
mdit-py-plugins
pypi
|
Transitive | 0.5.0 | 0.6.1 | 2 behind | — | MIT |
|
numpy
pypi
|
Transitive | 2.4.4 | 2.4.6 | 2 behind | — | BSD-3-Clause |
|
openinference-semantic-conventions
pypi
|
Transitive | 0.1.28 | 0.1.30 | 2 behind | — | Apache-2.0 |
|
pathspec
pypi
|
Transitive | 1.0.4 | 1.1.1 | 2 behind | — | MPL-2.0 |
|
platformdirs
pypi
|
Transitive | 4.9.4 | 4.10.0 | 2 behind | — | MIT |
|
pydantic-settings
pypi
|
Transitive | 2.13.1 | 2.14.1 | 2 behind | — | MIT |
|
rich
pypi
|
Direct | 14.3.3 | 15.0.0 | 2 behind | — | MIT |
|
safety-schemas
pypi
|
Transitive | 0.0.16 | 0.0.18 | 2 behind | — | MIT |
|
scikit-learn
pypi
|
Transitive | 1.8.0 | 1.9.0 | 2 behind | — | BSD-3-Clause AND LicenseRef-scancode-unknown-license-reference |
|
sqlalchemy
pypi
|
Transitive | 2.0.49 | 2.0.50 | 2 behind | — | MIT |
|
zipp
pypi
|
Transitive | 3.23.0 | 4.1.0 | 2 behind | — | MIT |
|
aiohappyeyeballs
pypi
|
Transitive | 2.6.1 | 2.6.2 | 1 behind | — | 0BSD AND BSD-3-Clause AND LicenseRef-scancode-unknown-license-reference AND PSF-2.0 AND Python-2.0 |
|
aiohttp
pypi
|
Transitive | 3.13.5 | 3.14.0 | 1 behind | — | Apache-2.0 AND MIT |
|
docstring-parser
pypi
|
Transitive | 0.17.0 | 0.18.0 | 1 behind | — | MIT |
|
fsspec
pypi
|
Transitive | 2026.3.0 | 2026.4.0 | 1 behind | — | BSD-3-Clause |
|
googleapis-common-protos
pypi
|
Transitive | 1.74.0 | 1.75.0 | 1 behind | — | Unknown |
|
llama-index-embeddings-openai
pypi
|
Transitive | 0.5.2 | 0.6.0 | 1 behind | — | Unknown |
|
llama-index-readers-file
pypi
|
Transitive | 0.5.6 | 0.6.0 | 1 behind | — | MIT |
|
mobilerun-sdk
pypi
|
Direct | 3.1.0 | 3.2.0 | 1 behind | — | Unknown |
|
ollama
pypi
|
Transitive | 0.6.1 | 0.6.2 | 1 behind | — | MIT |
|
orjson
pypi
|
Transitive | 3.11.8 | 3.11.9 | 1 behind | — | Unknown |
|
prometheus-client
pypi
|
Transitive | 0.24.1 | 0.25.0 | 1 behind | — | Apache-2.0 AND BSD-2-Clause |
|
propcache
pypi
|
Transitive | 0.4.1 | 0.5.2 | 1 behind | — | Apache-2.0 |
|
pyarrow
pypi
|
Transitive | 23.0.1 | 24.0.0 | 1 behind | — | Apache-2.0 |
|
pyjwt
pypi
|
Transitive | 2.12.1 | 2.13.0 | 1 behind | — | MIT |
|
regex
pypi
|
Transitive | 2026.4.4 | 2026.5.9 | 1 behind | — | CNRI-Python AND Apache-2.0 |
|
rpds-py
pypi
|
Transitive | 0.30.0 | 2026.5.1 | 1 behind | — | MIT |
|
soupsieve
pypi
|
Transitive | 2.8.3 | 2.8.4 | 1 behind | — | MIT |
|
stevedore
pypi
|
Transitive | 5.7.0 | 5.8.0 | 1 behind | — | Apache-2.0 |
|
tiktoken
pypi
|
Transitive | 0.12.0 | 0.13.0 | 1 behind | — | MIT |
|
tomlkit
pypi
|
Transitive | 0.14.0 | 0.15.0 | 1 behind | — | MIT |
|
urllib3
pypi
|
Transitive | 2.6.3 | 2.7.0 | 1 behind | — | MIT |
|
wcwidth
pypi
|
Transitive | 0.6.0 | 0.7.0 | 1 behind | — | MIT AND HPND-Markus-Kuhn |
|
yarl
pypi
|
Transitive | 1.23.0 | 1.24.2 | 1 behind | — | Apache-2.0 |
License Breakdown
MIT
68
Unknown
64
Apache-2.0
29
BSD-3-Clause
17
BSD-2-Clause AND BSD-3-Clause
8
BSD-2-Clause
3
Apache-2.0 AND BSD-2-Clause
2
Apache-2.0 AND MIT
2
MPL-2.0
2
PSF-2.0
2
0BSD AND BSD-3-Clause AND LicenseRef-scancode-unknown-license-reference AND PSF-2.0 AND Python-2.0
1
Apache-2.0 AND BSD-3-Clause AND LicenseRef-scancode-unknown-license-reference
1
Apache-2.0 AND BSD-3-Clause AND MPL-2.0
1
BSD-2-Clause AND BSD-3-Clause AND MIT
1
BSD-2-Clause AND MIT AND Python-2.0 AND Python-2.0.1
1
BSD-3-Clause AND LicenseRef-scancode-unknown-license-reference
1
BSD-3-Clause AND MIT
1
BSD-3-Clause OR Apache-2.0
1
CC-BY-SA-3.0 AND MIT AND Python-2.0
1
CC0-1.0 AND Unlicense
1
CNRI-Python AND Apache-2.0
1
ISC
1
ISC AND MPL-2.0
1
LGPL-3.0-or-later
1
LicenseRef-scancode-free-unknown AND MIT
1
LicenseRef-scancode-proprietary-license AND MIT
1
LicenseRef-scancode-public-domain AND Unlicense
1
MIT AND AFL-3.0
1
MIT AND HPND-Markus-Kuhn
1
MIT AND MPL-2.0
1
MIT AND PSF-2.0
1
MIT AND Python-2.0 AND Python-2.0.1 AND BSD-2-Clause AND MIT AND Python-2.0 AND Python-2.0.1 AND BSD-2-Clause
1
MIT AND ZPL-2.1
1
MIT-0
1
MIT-CMU
1
Python-2.0 AND GPL-1.0-or-later AND Python-2.0 AND BSD-3-Clause AND Python-2.0 AND BSD-3-Clause AND 0BSD
1
CVE Severity
critical
0
high
5
medium
3
low
0
unknown
1