Dependency Analysis
homebox
Direct and transitive dependency freshness, license, and CVE exposure from the latest SBOM.
70%
Freshness
2435
Dependencies
466
Outdated
0
Stale
3.0
Avg Behind
Dependency List
Latest release v0.25.0
| Dependency | Type | Current | Latest | Behind | CVE | License |
|---|---|---|---|---|---|---|
|
@img/sharp-libvips-darwin-arm64
npm
|
Transitive | 1.2.4 | 1.2.4 | Current | — | BSD-2-Clause AND LGPL-2.0-only AND LGPL-2.1-only AND LGPL-3.0-only AND LGPL-3.0-or-later AND LicenseRef-scancode-other-permissive AND MIT AND MPL-2.0 |
|
@img/sharp-libvips-darwin-x64
npm
|
Transitive | 1.2.4 | 1.2.4 | Current | — | BSD-2-Clause AND LGPL-2.0-only AND LGPL-2.1-only AND LGPL-3.0-only AND LGPL-3.0-or-later AND LicenseRef-scancode-other-permissive AND MIT AND MPL-2.0 |
|
@img/sharp-libvips-linux-arm
npm
|
Transitive | 1.2.4 | 1.2.4 | Current | — | BSD-2-Clause AND LGPL-2.0-only AND LGPL-2.1-only AND LGPL-3.0-only AND LGPL-3.0-or-later AND LicenseRef-scancode-other-permissive AND MIT AND MPL-2.0 |
|
@img/sharp-libvips-linux-arm64
npm
|
Transitive | 1.2.4 | 1.2.4 | Current | — | BSD-2-Clause AND LGPL-2.0-only AND LGPL-2.1-only AND LGPL-3.0-only AND LGPL-3.0-or-later AND LicenseRef-scancode-other-permissive AND MIT AND MPL-2.0 |
|
@img/sharp-libvips-linux-ppc64
npm
|
Transitive | 1.2.4 | 1.2.4 | Current | — | BSD-2-Clause AND LGPL-2.0-only AND LGPL-2.1-only AND LGPL-3.0-only AND LGPL-3.0-or-later AND LicenseRef-scancode-other-permissive AND MIT AND MPL-2.0 |
|
@img/sharp-libvips-linux-riscv64
npm
|
Transitive | 1.2.4 | 1.2.4 | Current | — | BSD-2-Clause AND LGPL-2.0-only AND LGPL-2.1-only AND LGPL-3.0-only AND LGPL-3.0-or-later AND LicenseRef-scancode-other-permissive AND MIT AND MPL-2.0 |
|
@img/sharp-libvips-linux-s390x
npm
|
Transitive | 1.2.4 | 1.2.4 | Current | — | BSD-2-Clause AND LGPL-2.0-only AND LGPL-2.1-only AND LGPL-3.0-only AND LGPL-3.0-or-later AND LicenseRef-scancode-other-permissive AND MIT AND MPL-2.0 |
|
@img/sharp-libvips-linux-x64
npm
|
Transitive | 1.2.4 | 1.2.4 | Current | — | BSD-2-Clause AND LGPL-2.0-only AND LGPL-2.1-only AND LGPL-3.0-only AND LGPL-3.0-or-later AND LicenseRef-scancode-other-permissive AND MIT AND MPL-2.0 |
|
@img/sharp-libvips-linuxmusl-arm64
npm
|
Transitive | 1.2.4 | 1.2.4 | Current | — | BSD-2-Clause AND LGPL-2.0-only AND LGPL-2.1-only AND LGPL-3.0-only AND LGPL-3.0-or-later AND LicenseRef-scancode-other-permissive AND MIT AND MPL-2.0 |
|
@img/sharp-libvips-linuxmusl-x64
npm
|
Transitive | 1.2.4 | 1.2.4 | Current | — | BSD-2-Clause AND LGPL-2.0-only AND LGPL-2.1-only AND LGPL-3.0-only AND LGPL-3.0-or-later AND LicenseRef-scancode-other-permissive AND MIT AND MPL-2.0 |
|
@img/sharp-win32-arm64
npm
|
Transitive | 0.34.5 | 0.34.5 | Current | — | Apache-2.0 AND BSD-2-Clause AND LGPL-2.0-only AND LGPL-2.1-only AND LGPL-3.0-only AND LGPL-3.0-or-later AND LicenseRef-scancode-other-permissive AND MIT AND MPL-2.0 |
|
@img/sharp-win32-ia32
npm
|
Transitive | 0.34.5 | 0.34.5 | Current | — | Apache-2.0 AND BSD-2-Clause AND LGPL-2.0-only AND LGPL-2.1-only AND LGPL-3.0-only AND LGPL-3.0-or-later AND LicenseRef-scancode-other-permissive AND MIT AND MPL-2.0 |
|
@img/sharp-win32-x64
npm
|
Transitive | 0.34.5 | 0.34.5 | Current | — | Apache-2.0 AND BSD-2-Clause AND LGPL-2.0-only AND LGPL-2.1-only AND LGPL-3.0-only AND LGPL-3.0-or-later AND LicenseRef-scancode-other-permissive AND MIT AND MPL-2.0 |
|
@opentelemetry/api
npm
|
Direct | 1.9.1 | 1.9.1 | Current | — | Apache-2.0 OR (Apache-2.0 AND LGPL-3.0-only) |
|
github.com/azure/azure-sdk-for-go/sdk/messaging/azservicebus
golang
|
Transitive | v1.10.0 | — | — | — | LGPL-2.1-or-later AND MIT |
|
github.com/golang/freetype
golang
|
Direct | v0.0.0-20170609003504-e2365dfdc4a0 | — | — | — | FTL OR GPL-2.0-or-later |
|
node-forge
npm
|
Transitive | 1.4.0 | 1.4.0 | Current | — | BSD-3-Clause OR GPL-2.0-only |
License Breakdown
MIT
1874
Apache-2.0
166
Unknown
97
ISC
71
BSD-3-Clause
47
BSD-2-Clause
38
BlueOak-1.0.0
19
MPL-2.0
14
Apache-2.0 AND BSD-3-Clause
13
BSD-2-Clause AND LGPL-2.0-only AND LGPL-2.1-only AND LGPL-3.0-only AND LGPL-3.0-or-later AND LicenseRef-scancode-other-permissive AND MIT AND MPL-2.0
10
BSD-3-Clause AND LicenseRef-scancode-google-patent-license-golang
10
CC0-1.0
9
MIT OR Apache-2.0
7
Apache-2.0 AND MIT
5
CC0-1.0 AND MIT
5
LicenseRef-scancode-generic-cla AND MIT
4
Apache-2.0 AND BSD-2-Clause AND LGPL-2.0-only AND LGPL-2.1-only AND LGPL-3.0-only AND LGPL-3.0-or-later AND LicenseRef-scancode-other-permissive AND MIT AND MPL-2.0
3
ISC AND MIT
3
MIT-0
3
0BSD
2
0BSD AND ISC AND MIT
2
BSD-2-Clause AND BSD-3-Clause
2
BSD-3-Clause AND MIT
2
JSON AND MIT
2
LicenseRef-scancode-unicode AND MIT
2
OFL-1.1
2
Python-2.0
2
(MIT OR CC0-1.0)
1
Apache-2.0 AND BSD-2-Clause AND CC0-1.0 AND ISC AND MIT
1
Apache-2.0 AND BSD-3-Clause AND MIT
1
Apache-2.0 AND CC-BY-3.0 AND MIT
1
Apache-2.0 OR (Apache-2.0 AND LGPL-3.0-only)
1
Apache-2.0 OR MPL-2.0
1
Apache-2.0 OR Unlicense OR (Apache-2.0 AND Unlicense)
1
BSD-2-Clause AND BSD-2-Clause-Views
1
BSD-2-Clause AND CC0-1.0 AND ISC AND MIT
1
BSD-2-Clause-Views
1
BSD-3-Clause AND ISC AND MIT
1
BSD-3-Clause AND LicenseRef-scancode-protobuf
1
BSD-3-Clause OR GPL-2.0-only
1
CC-BY-3.0
1
CC-BY-4.0
1
CC0-1.0 AND LicenseRef-scancode-public-domain
1
FTL OR GPL-2.0-or-later
1
LGPL-2.1-or-later AND MIT
1
LicenseRef-scancode-unknown-license-reference AND MIT
1
MIT OR (CC0-1.0 AND MIT)
1
CVE Severity
critical
1
high
5
medium
5
low
1
unknown
0