Tools / InvenTree / Dependencies

Dependency Analysis

InvenTree

Direct and transitive dependency freshness, license, and CVE exposure from the latest SBOM.

Security Export CSV

66% Freshness

1253 Dependencies

311 Outdated

0 Stale

8.4 Avg Behind

Dependency List

Latest release 1.3.2

All 1252 Outdated 508 Has CVE 6 GPL 22

Dependency	Type	Current	Latest	Behind	CVE	License
axios npm	Direct	1.15.0	1.17.0	8 behind	13 high	MIT
gitpython pypi	Direct	3.1.47	3.1.50	3 behind	2 high	Unknown
fast-uri npm	Transitive	3.1.0	3.1.2	2 behind	2 high	BSD-3-Clause
lodash npm	Transitive	4.17.23	4.18.1	2 behind	2 high	CC0-1.0 AND MIT
postcss npm	Transitive	8.4.49	8.5.15	16 behind	1 medium	MIT
brace-expansion npm	Transitive	2.0.2	5.0.6	11 behind	1 medium	MIT

License Breakdown

MIT 779

Unknown 157

BSD-3-Clause 61

Apache-2.0 56

ISC 53

BSD-2-Clause AND BSD-3-Clause 27

BSD-2-Clause 15

BlueOak-1.0.0 12

BSD-2-Clause AND BSD-3-Clause AND MIT 5

MPL-2.0 4

Apache-2.0 AND BSD-2-Clause 3

CC0-1.0 AND MIT 3

Python-2.0 AND GPL-1.0-or-later AND Python-2.0 AND BSD-3-Clause AND Python-2.0 AND BSD-3-Clause AND 0BSD 3

(CC-BY-4.0 AND MIT) 2

0BSD AND BSD-3-Clause AND LicenseRef-scancode-other-permissive AND MIT AND Python-2.0 2

Apache-2.0 AND BSD-3-Clause AND LicenseRef-scancode-unknown-license-reference 2

Apache-2.0 AND BSD-3-Clause AND MIT AND OFL-1.1 2

Apache-2.0 AND BSD-3-Clause AND MPL-2.0 2

Apache-2.0 AND GPL-2.0-only 2

Apache-2.0 AND LicenseRef-scancode-generic-cla AND MIT 2

Apache-2.0 AND MIT 2

Apache-2.0 OR BSD-3-Clause OR (Apache-2.0 AND BSD-3-Clause) 2

BSD-2-Clause AND BSD-3-Clause AND BSD-Advertising-Acknowledgement 2

BSD-2-Clause AND BSD-3-Clause AND CC-PDDC AND GPL-1.0-or-later AND GPL-3.0-only AND GPL-3.0-or-later AND LicenseRef-scancode-free-unknown AND LicenseRef-scancode-other-copyleft AND LicenseRef-scancode-public-domain 2

BSD-2-Clause AND LicenseRef-scancode-other-permissive 2

BSD-3-Clause AND GPL-1.0-or-later AND LicenseRef-scancode-unknown-license-reference 2

BSD-3-Clause OR Apache-2.0 2

CC-BY-3.0 AND MIT 2

GPL-1.0-or-later AND GPL-2.0-only AND GPL-2.0-or-later AND LGPL-2.1-only AND LGPL-2.1-or-later AND MPL-1.1 2

GPL-1.0-or-later AND MIT 2

LGPL-2.1-only 2

LGPL-3.0 AND LGPL-3.0-only AND LGPL-3.0-or-later 2

LicenseRef-scancode-public-domain 2

MIT AND HPND 2

MIT AND HPND-Markus-Kuhn 2

MIT-0 2

MIT-CMU 2

PSF-2.0 2

PSF-2.0 AND Python-2.0 2

Unlicense 2

(MPL-2.0 OR Apache-2.0) 1

0BSD 1

0BSD AND ISC AND MIT 1

Apache-2.0 AND BSD-2-Clause AND CC0-1.0 AND ISC AND MIT 1

Apache-2.0 AND Python-2.0 1

BSD-2-Clause AND BSD-3-Clause AND GPL-1.0-or-later 1

BSD-2-Clause AND BSD-3-Clause AND PSF-2.0 AND Python-2.0 AND Python-2.0.1 1

BSD-3-Clause AND MIT 1

CC-BY-3.0 1

CC-BY-4.0 1

CC0-1.0 1

GPL-2.0 AND GPL-2.0-only 1

ISC AND JSON AND MIT 1

LGPL-2.0-or-later AND LGPL-2.1 AND LGPL-2.1-only AND LGPL-2.1-or-later AND Python-2.0 1

LGPL-3.0 AND LGPL-3.0-only 1

LGPL-3.0-only 1

MIT AND python-ldap 1

MIT OR (CC0-1.0 AND MIT) 1

MIT OR AFL-2.1 1

Python-2.0 1

CVE Severity

critical 0

high 4

medium 2

low 0

unknown 0