Dependency Analysis
Kyoo
Direct and transitive dependency freshness, license, and CVE exposure from the latest SBOM.
87%
Freshness
394
Dependencies
41
Outdated
0
Stale
17.0
Avg Behind
Dependency List
Latest release v5.0.0
| Dependency | Type | Current | Latest | Behind | CVE | License |
|---|---|---|---|---|---|---|
|
drizzle-orm
npm
|
Direct | 0.44.7 | 0.45.2 | 204 behind | 1 high | Apache-2.0 |
|
python-multipart
pypi
|
Direct | 0.0.22 | 0.0.30 | 8 behind | 2 high | Apache-2.0 |
|
python-dotenv
pypi
|
Direct | 1.2.1 | 1.2.2 | 1 behind | 1 medium | BSD-3-Clause |
|
react
npm
|
Direct | 19.2.0 | 19.2.7 | 285 behind | — | MIT |
|
react-dom
npm
|
Direct | 19.2.0 | 19.2.7 | 285 behind | — | MIT |
|
typescript
npm
|
Direct | 5.9.3 | 6.0.3 | 181 behind | — | Apache-2.0 |
|
react-native-worklets
npm
|
Direct | 0.7.2 | 0.9.1 | 95 behind | — | MIT |
|
react-native
npm
|
Direct | 0.83.2 | 0.85.3 | 90 behind | — | MIT |
|
react-native-reanimated
npm
|
Direct | 4.2.1 | 4.4.1 | 86 behind | — | MIT |
|
wrapt
pypi
|
Direct | 1.17.3 | 2.2.1 | 33 behind | — | BSD-2-Clause |
|
fastapi
pypi
|
Direct | 0.128.0 | 0.136.3 | 26 behind | — | MIT |
|
sentry-sdk
pypi
|
Direct | 2.49.0 | 2.61.1 | 26 behind | — | Unknown |
|
typer
pypi
|
Direct | 0.21.1 | 0.26.7 | 18 behind | — | MIT |
|
fastapi-cloud-cli
pypi
|
Direct | 0.9.0 | 0.19.0 | 15 behind | — | Unknown |
|
rich-toolkit
pypi
|
Direct | 0.17.1 | 0.20.0 | 15 behind | — | BSD-3-Clause AND MIT |
|
pydantic
pypi
|
Direct | 2.12.5 | 2.13.4 | 10 behind | — | MIT |
|
protobuf
pypi
|
Direct | 6.33.5 | 7.35.0 | 9 behind | — | BSD-3-Clause AND LicenseRef-scancode-protobuf |
|
pydantic-core
pypi
|
Direct | 2.41.5 | 2.47.0 | 9 behind | — | MIT |
|
starlette
pypi
|
Direct | 0.50.0 | 1.2.1 | 9 behind | — | BSD-3-Clause |
|
uvicorn
pypi
|
Direct | 0.40.0 | 0.49.0 | 9 behind | — | BSD-3-Clause |
|
@biomejs/biome
npm
|
Direct | 2.4.8 | 2.4.16 | 8 behind | — | MIT OR Apache-2.0 |
|
grpcio
pypi
|
Direct | 1.76.0 | 1.81.0 | 7 behind | — | Apache-2.0 AND BSD-3-Clause AND MPL-2.0 |
|
rich
pypi
|
Direct | 14.2.0 | 15.0.0 | 6 behind | — | MIT |
|
opentelemetry-api
pypi
|
Direct | 1.39.1 | 1.42.1 | 5 behind | — | Apache-2.0 |
|
opentelemetry-exporter-otlp-proto-common
pypi
|
Direct | 1.39.1 | 1.42.1 | 5 behind | — | Apache-2.0 |
|
opentelemetry-exporter-otlp-proto-grpc
pypi
|
Direct | 1.39.1 | 1.42.1 | 5 behind | — | Apache-2.0 |
|
opentelemetry-exporter-otlp-proto-http
pypi
|
Direct | 1.39.1 | 1.42.1 | 5 behind | — | Apache-2.0 |
|
opentelemetry-proto
pypi
|
Direct | 1.39.1 | 1.42.1 | 5 behind | — | Apache-2.0 |
|
opentelemetry-sdk
pypi
|
Direct | 1.39.1 | 1.42.1 | 5 behind | — | Apache-2.0 |
|
requests
pypi
|
Direct | 2.33.0 | 2.34.2 | 5 behind | — | Apache-2.0 |
|
click
pypi
|
Direct | 8.3.1 | 8.4.1 | 4 behind | — | BSD-3-Clause |
|
fastapi-cli
pypi
|
Direct | 0.0.20 | 0.0.24 | 4 behind | — | MIT |
|
fastar
pypi
|
Direct | 0.8.0 | 0.11.0 | 4 behind | — | MIT |
|
googleapis-common-protos
pypi
|
Direct | 1.72.0 | 1.75.0 | 4 behind | — | Apache-2.0 |
|
pydantic-settings
pypi
|
Direct | 2.12.0 | 2.14.1 | 4 behind | — | MIT |
|
certifi
pypi
|
Direct | 2026.1.4 | 2026.5.20 | 3 behind | — | MPL-2.0 |
|
charset-normalizer
pypi
|
Direct | 3.4.4 | 3.4.7 | 3 behind | — | MIT |
|
httpx
pypi
|
Direct | 0.28.1 | 1.0.0.dev3 | 3 behind | — | BSD-3-Clause |
|
cryptography
pypi
|
Direct | 46.0.7 | 48.0.0 | 2 behind | — | BSD-3-Clause OR Apache-2.0 |
|
importlib-metadata
pypi
|
Direct | 8.7.1 | 9.0.0 | 2 behind | — | Apache-2.0 |
|
markdown-it-py
pypi
|
Direct | 4.0.0 | 4.2.0 | 2 behind | — | MIT |
|
pydantic-extra-types
pypi
|
Direct | 2.11.0 | 2.11.2 | 2 behind | — | MIT |
|
react-native-svg
npm
|
Direct | 15.15.3 | 15.15.5 | 2 behind | — | MIT |
|
yarl
pypi
|
Direct | 1.22.0 | 1.24.2 | 2 behind | — | Apache-2.0 |
|
zipp
pypi
|
Direct | 3.23.0 | 4.1.0 | 2 behind | — | MIT |
|
aiohappyeyeballs
pypi
|
Direct | 2.6.1 | 2.6.2 | 1 behind | — | 0BSD AND BSD-3-Clause AND LicenseRef-scancode-unknown-license-reference AND PSF-2.0 AND Python-2.0 |
|
aiohttp
pypi
|
Direct | 3.13.5 | 3.14.0 | 1 behind | — | Apache-2.0 AND MIT |
|
anyio
pypi
|
Direct | 4.12.1 | 4.13.0 | 1 behind | — | MIT |
|
asgiref
pypi
|
Direct | 3.11.0 | 3.11.1 | 1 behind | — | BSD-3-Clause |
|
attrs
pypi
|
Direct | 25.4.0 | 26.1.0 | 1 behind | — | MIT |
|
httptools
pypi
|
Direct | 0.7.1 | 0.8.0 | 1 behind | — | MIT |
|
multidict
pypi
|
Direct | 6.7.0 | 6.7.1 | 1 behind | — | Apache-2.0 |
|
propcache
pypi
|
Direct | 0.4.1 | 0.5.2 | 1 behind | — | Apache-2.0 |
|
pyjwt
pypi
|
Direct | 2.12.1 | 2.13.0 | 1 behind | — | MIT |
|
urllib3
pypi
|
Direct | 2.6.3 | 2.7.0 | 1 behind | — | MIT |
|
watchfiles
pypi
|
Direct | 1.1.1 | 1.2.0 | 1 behind | — | MIT |
License Breakdown
Unknown
171
MIT
72
Apache-2.0
66
Apache-2.0 AND BSD-3-Clause
17
BSD-3-Clause AND LicenseRef-scancode-google-patent-license-golang
17
BSD-3-Clause
14
Apache-2.0 AND MIT
6
BSD-2-Clause AND BSD-3-Clause
4
Apache-2.0 AND BSD-3-Clause AND MIT
2
Apache-2.0 AND CC-BY-3.0 AND MIT
2
BSD-2-Clause
2
ISC
2
MIT AND PostgreSQL AND PostgreSQL
2
MIT OR Apache-2.0
2
MIT-0
2
0BSD AND BSD-3-Clause AND LicenseRef-scancode-unknown-license-reference AND PSF-2.0 AND Python-2.0
1
Apache-2.0 AND BSD-2-Clause
1
Apache-2.0 AND BSD-3-Clause AND LicenseRef-scancode-unknown-license-reference
1
Apache-2.0 AND BSD-3-Clause AND MPL-2.0
1
Artistic-1.0-Perl OR GPL-1.0-only OR GPL-2.0-or-later
1
BSD-3-Clause AND LicenseRef-scancode-protobuf
1
BSD-3-Clause AND MIT
1
BSD-3-Clause OR Apache-2.0
1
CC0-1.0 AND Unlicense
1
ISC AND MPL-2.0
1
MPL-2.0
1
Python-2.0 AND GPL-1.0-or-later AND Python-2.0 AND BSD-3-Clause AND Python-2.0 AND BSD-3-Clause AND 0BSD
1
CVE Severity
critical
0
high
2
medium
1
low
1
unknown
1