Kroki

Direct and transitive dependency freshness, license, and CVE exposure from the latest SBOM.

61% Freshness

3039 Dependencies

917 Outdated

0 Stale

13.4 Avg Behind

Dependency List

Latest release v0.30.1

Dependency	Type	Current	Latest	Behind	CVE	License
ch.qos.logback.contrib:logback-json-classic maven	Direct	0.1.5	—	—	—	EPL-1.0 OR LGPL-2.1-only
ch.qos.logback:logback-classic maven	Direct	1.5.32	—	—	—	EPL-2.0 AND LGPL-2.1 AND LGPL-2.1-only
ch.qos.logback:logback-core maven	Direct	1.5.32	—	—	—	EPL-2.0 AND LGPL-2.1 AND LGPL-2.1-only

MIT 2459

ISC 243

Apache-2.0 106

BSD-2-Clause 49

BSD-3-Clause 41

Unknown 34

Apache-2.0 AND BSD-2-Clause 16

0BSD 12

ISC AND MIT 11

CC0-1.0 AND MIT 10

Apache-2.0 AND MIT 8

BSD-2-Clause AND BSD-2-Clause-Views 8

MIT OR (CC0-1.0 AND MIT) 8

Python-2.0 8

BSD-2-Clause AND BSD-3-Clause 5

Apache-2.0 AND ISC 2

EPL-2.0 2

EPL-2.0 AND LGPL-2.1 AND LGPL-2.1-only 2

LicenseRef-scancode-unknown-license-reference AND EPL-2.0 2

Unlicense 2

Apache-2.0 AND BSD-3-Clause AND MIT 1

Apache-2.0 OR MPL-2.0 1

Apache-2.0 OR MPL-2.0 OR (Apache-2.0 AND MPL-2.0) 1

BSD-3-Clause AND LicenseRef-scancode-generic-cla AND MIT 1

BSD-3-Clause AND MIT 1

BlueOak-1.0.0 1

CC0-1.0 1

EPL-1.0 OR LGPL-2.1-only 1

MIT AND LicenseRef-scancode-unknown-license-reference AND EPL-2.0 1

MIT AND Zlib 1

critical 4

high 24

medium 27

low 0

unknown 0