Dependency Analysis
esphome
Direct and transitive dependency freshness, license, and CVE exposure from the latest SBOM.
99%
Freshness
87
Dependencies
0
Outdated
0
Stale
0.0
Avg Behind
Dependency List
Latest release 2026.4.4
| Dependency | Type | Current | Latest | Behind | CVE | License |
|---|---|---|---|---|---|---|
|
esptool
pypi
|
Direct | 5.2.0 | — | — | 1 high | Unknown |
|
pytest-asyncio
pypi
|
Direct | 1.3.0 | 1.4.0 | 4 behind | — | Apache-2.0 |
|
pytest-asyncio
pypi
|
Direct | 1.3.0 | 1.4.0 | 4 behind | — | Apache-2.0 |
|
requests
pypi
|
Direct | 2.33.1 | 2.34.2 | 4 behind | — | Apache-2.0 |
|
ruff
pypi
|
Direct | 0.15.12 | 0.15.15 | 3 behind | — | MIT |
|
ruff
pypi
|
Direct | 0.15.12 | 0.15.15 | 3 behind | — | MIT |
|
click
pypi
|
Direct | 8.3.3 | 8.4.1 | 2 behind | — | BSD-3-Clause |
|
tornado
pypi
|
Direct | 6.5.5 | 6.5.6 | 1 behind | — | Apache-2.0 |
|
actions/cache
githubactions
|
Direct | 27d5ce7f107fe9357f9df03efb73ab90386fccae | — | — | — | Unknown |
|
actions/cache/restore
githubactions
|
Direct | 27d5ce7f107fe9357f9df03efb73ab90386fccae | — | — | — | Unknown |
|
actions/cache/save
githubactions
|
Direct | 27d5ce7f107fe9357f9df03efb73ab90386fccae | — | — | — | Unknown |
|
actions/checkout
githubactions
|
Direct | de0fac2e4500dabe0009e67214ff5f5447ce83dd | — | — | — | Unknown |
|
actions/create-github-app-token
githubactions
|
Direct | 1b10c78c7865c340bc4f6099eb2f838309f1e8c3 | — | — | — | Unknown |
|
actions/download-artifact
githubactions
|
Direct | 3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c | — | — | — | Unknown |
|
actions/github-script
githubactions
|
Direct | 3a2844b7e9c422d3c10d287c895573f7108da1b3 | — | — | — | Unknown |
|
actions/setup-python
githubactions
|
Direct | a309ff8b426b58ec0e2a45f0f869d46889d02405 | — | — | — | Unknown |
|
actions/stale
githubactions
|
Direct | b5d41d4e1d5dceea10e7104786b73624c18a190f | — | — | — | Unknown |
|
actions/upload-artifact
githubactions
|
Direct | 043fb46d1a93c77aae656e7c1c64a875d1fc6a0a | — | — | — | Unknown |
|
aioesphomeapi
pypi
|
Direct | 44.23.0 | — | — | — | Unknown |
|
argcomplete
|
Direct | — | — | — | — | Unknown |
|
astral-sh/setup-uv
githubactions
|
Direct | 08807647e7069bb48b6ef5acd8ec9567f424441b | — | — | — | Unknown |
|
asyncmock
pypi
|
Direct | 0.4.2 | — | — | — | BSD-2-Clause |
|
asyncmock
pypi
|
Direct | 0.4.2 | — | — | — | BSD-2-Clause |
|
awalsh128/cache-apt-pkgs-action
githubactions
|
Direct | acb598e5ddbc6f68a970c5da0688d2f3a9f04d05 | — | — | — | Unknown |
|
bleak
pypi
|
Direct | 2.1.1 | — | — | — | MIT |
|
clang-format
pypi
|
Direct | 13.0.1 | — | — | — | Apache-2.0 |
|
clang-format
pypi
|
Direct | 13.0.1 | — | — | — | Apache-2.0 |
|
clang-tidy
pypi
|
Direct | 22.1.0.1 | — | — | — | Unknown |
|
clang-tidy
pypi
|
Direct | 22.1.0.1 | — | — | — | Unknown |
|
codecov/codecov-action
githubactions
|
Direct | 57e3a136b779b570ffcdbf80b3bdc90e7fab3de2 | — | — | — | Unknown |
|
CodSpeedHQ/action
githubactions
|
Direct | c381be0bfd20e844fb45594f6aa182ffcd94545c | — | — | — | Unknown |
|
colorama
pypi
|
Direct | 0.4.6 | 0.4.6 | Current | — | BSD-2-Clause AND BSD-3-Clause |
|
cryptography
pypi
|
Direct | 48.0.0 | 48.0.0 | Current | — | Unknown |
|
docker/login-action
githubactions
|
Direct | 4907a6ddec9925e35a0a9e82d7399ccc52663121 | — | — | — | Unknown |
|
docker/setup-buildx-action
githubactions
|
Direct | 4d04d5d9486b7bd6fa91e7baf45bbb4f8b9deedd | — | — | — | Unknown |
|
esphome-dashboard
pypi
|
Direct | 20260425.0 | — | — | — | Unknown |
|
esphome-glyphsets
pypi
|
Direct | 0.2.0 | — | — | — | Apache-2.0 |
|
esphome/pre-commit-action
githubactions
|
Direct | 43cd1109c09c544d97196f7730ee5b2e0cc6d81e | — | — | — | Unknown |
|
esphome/workflows/.github/workflows/lock.yml
githubactions
|
Direct | 025a1e6255610c498ed590403b7e510b69e474df | — | — | — | Unknown |
|
flake8
pypi
|
Direct | 7.3.0 | 7.3.0 | Current | — | MIT |
|
flake8
pypi
|
Direct | 7.3.0 | 7.3.0 | Current | — | MIT |
|
freetype-py
pypi
|
Direct | 2.5.1 | 2.5.1 | Current | — | BSD-2-Clause AND BSD-3-Clause |
|
github/codeql-action/analyze
githubactions
|
Direct | e46ed2cbd01164d986452f91f178727624ae40d7 | — | — | — | Unknown |
|
github/codeql-action/init
githubactions
|
Direct | e46ed2cbd01164d986452f91f178727624ae40d7 | — | — | — | Unknown |
|
hypothesis
pypi
|
Direct | 6.92.1 | — | — | — | MPL-2.0 |
|
hypothesis
pypi
|
Direct | 6.92.1 | — | — | — | MPL-2.0 |
|
icmplib
pypi
|
Direct | 3.0.4 | — | — | — | GPL-3.0-or-later AND LGPL-3.0 AND LGPL-3.0-only |
|
importtime-waterfall
pypi
|
Direct | 1.0.0 | — | — | — | MIT |
|
importtime-waterfall
pypi
|
Direct | 1.0.0 | — | — | — | MIT |
|
jinja2
pypi
|
Direct | 3.1.6 | 3.1.6 | Current | — | BSD-2-Clause AND BSD-3-Clause |
|
paho-mqtt
pypi
|
Direct | 1.6.1 | — | — | — | BSD-3-Clause |
|
peter-evans/create-pull-request
githubactions
|
Direct | 5f6978faf089d4d20b00c7766989d076bb2fc7f1 | — | — | — | Unknown |
|
pillow
pypi
|
Direct | 12.2.0 | 12.2.0 | Current | — | MIT-CMU |
|
platformio
pypi
|
Direct | 6.1.19 | — | — | — | Unknown |
|
pre-commit
|
Direct | — | — | — | — | Unknown |
|
pre-commit
|
Direct | — | — | — | — | Unknown |
|
pre-commit-ci/lite-action
githubactions
|
Direct | 5d6cc0eb514c891a40562a58a8e71576c5c7fb43 | — | — | — | Unknown |
|
puremagic
pypi
|
Direct | 1.30 | — | — | — | MIT |
|
pylint
pypi
|
Direct | 4.0.5 | 4.0.5 | Current | — | GPL-2.0-only AND CC-BY-4.0 AND CC-BY-SA-4.0 |
|
pylint
pypi
|
Direct | 4.0.5 | 4.0.5 | Current | — | GPL-2.0-only AND CC-BY-4.0 AND CC-BY-SA-4.0 |
|
pypa/gh-action-pypi-publish
githubactions
|
Direct | cef221092ed1bacb1cc03d23a2d87d1d172e277b | — | — | — | Unknown |
|
pyparsing
|
Direct | — | — | — | — | Unknown |
|
pyserial
pypi
|
Direct | 3.5 | — | — | — | BSD-2-Clause |
|
pytest
pypi
|
Direct | 9.0.3 | 9.0.3 | Current | — | MIT |
|
pytest
pypi
|
Direct | 9.0.3 | 9.0.3 | Current | — | MIT |
|
pytest-cov
pypi
|
Direct | 7.1.0 | 7.1.0 | Current | — | MIT |
|
pytest-cov
pypi
|
Direct | 7.1.0 | 7.1.0 | Current | — | MIT |
|
pytest-mock
pypi
|
Direct | 3.15.1 | 3.15.1 | Current | — | MIT |
|
pytest-mock
pypi
|
Direct | 3.15.1 | 3.15.1 | Current | — | MIT |
|
pytest-xdist
pypi
|
Direct | 3.8.0 | 3.8.0 | Current | — | MIT |
|
pytest-xdist
pypi
|
Direct | 3.8.0 | 3.8.0 | Current | — | MIT |
|
pyupgrade
pypi
|
Direct | 3.21.2 | 3.21.2 | Current | — | MIT |
|
pyupgrade
pypi
|
Direct | 3.21.2 | 3.21.2 | Current | — | MIT |
|
pyyaml
pypi
|
Direct | 6.0.3 | 6.0.3 | Current | — | MIT |
|
resvg-py
pypi
|
Direct | 0.3.1 | — | — | — | Unknown |
|
ruamel-yaml
pypi
|
Direct | 0.19.1 | 0.19.1 | Current | — | Unknown |
|
ruamel-yaml-clib
pypi
|
Direct | 0.2.15 | 0.2.15 | Current | — | Unknown |
|
setuptools
pypi
|
Direct | 82.0.1 | 82.0.1 | Current | — | MIT |
|
smpclient
pypi
|
Direct | 6.0.0 | — | — | — | Apache-2.0 |
|
tzdata
|
Direct | — | — | — | — | Unknown |
|
tzlocal
pypi
|
Direct | 5.3.1 | 5.3.1 | Current | — | MIT |
|
voluptuous
pypi
|
Direct | 0.16.0 | — | — | — | BSD-3-Clause |
|
wheel
|
Direct | — | — | — | — | Unknown |
|
yamllint
pypi
|
Direct | 1.38.0 | — | — | — | GPL-1.0-or-later AND GPL-3.0 AND GPL-3.0-only |
|
yamllint
pypi
|
Direct | 1.38.0 | — | — | — | GPL-1.0-or-later AND GPL-3.0 AND GPL-3.0-only |
|
zeroconf
pypi
|
Direct | 0.148.0 | — | — | — | LGPL-2.1-only |
License Breakdown
Unknown
39
MIT
21
Apache-2.0
8
BSD-2-Clause
3
BSD-2-Clause AND BSD-3-Clause
3
BSD-3-Clause
3
GPL-1.0-or-later AND GPL-3.0 AND GPL-3.0-only
2
GPL-2.0-only AND CC-BY-4.0 AND CC-BY-SA-4.0
2
MPL-2.0
2
GPL-3.0-or-later AND LGPL-3.0 AND LGPL-3.0-only
1
LGPL-2.1-only
1
MIT-CMU
1
CVE Severity
critical
0
high
1
medium
0
low
0
unknown
0