linkding

Direct and transitive dependency freshness, license, and CVE exposure from the latest SBOM.

Security Export CSV

59% Freshness

656 Dependencies

207 Outdated

0 Stale

5.8 Avg Behind

Dependency List

Latest release v1.45.0

All 655 Outdated 268 Has CVE 17 GPL 13

Dependency	Type	Current	Latest	Behind	CVE	License
vite npm	Transitive	6.4.1	8.0.16	52 behind	2 high	Apache-2.0 AND BSD-2-Clause AND CC0-1.0 AND ISC AND MIT
h3 npm	Transitive	1.15.4	2.0.1-rc.22	34 behind	5 high	MIT
picomatch npm	Transitive	2.3.1	4.0.4	9 behind	2 high	MIT
picomatch npm	Transitive	2.3.1	4.0.4	9 behind	2 high	MIT
devalue npm	Transitive	5.6.1	5.8.1	7 behind	6 high	MIT
serialize-javascript npm	Transitive	6.0.2	7.0.5	6 behind	2 high	BSD-3-Clause
defu npm	Transitive	6.1.4	6.1.7	3 behind	1 high	MIT
svgo npm	Transitive	4.0.0	4.0.1	1 behind	1 high	MIT
svgo npm	Transitive	4.0.0	4.0.1	1 behind	1 high	MIT
rollup npm	Direct	4.48.0	—	—	1 high	0BSD AND ISC AND MIT
postcss npm	Direct	8.5.6	8.5.15	9 behind	1 medium	MIT
postcss npm	Transitive	8.5.6	8.5.15	9 behind	1 medium	MIT
yaml npm	Transitive	2.8.1	2.9.0	7 behind	1 medium	ISC
smol-toml npm	Transitive	1.5.2	1.6.1	2 behind	1 medium	BSD-3-Clause
astro npm	Direct	5.16.5	—	—	2 medium	MIT
diff npm	Transitive	5.2.0	9.0.0	15 behind	1 low	BSD-3-Clause
@hotwired/turbo npm	Direct	8.0.13	—	—	1 low	MIT

License Breakdown

MIT 532

ISC 24

Unknown 21

Apache-2.0 18

BSD-2-Clause 17

BSD-3-Clause 12

BSD-2-Clause AND LGPL-2.0-only AND LGPL-2.1-only AND LGPL-3.0-only AND LGPL-3.0-or-later AND LicenseRef-scancode-other-permissive AND MIT AND MPL-2.0 10

CC0-1.0 4

Apache-2.0 AND BSD-2-Clause AND LGPL-2.0-only AND LGPL-2.1-only AND LGPL-3.0-only AND LGPL-3.0-or-later AND LicenseRef-scancode-other-permissive AND MIT AND MPL-2.0 3

MIT-0 3

0BSD AND ISC AND MIT 2

CC0-1.0 AND MIT 2

0BSD 1

Apache-2.0 AND BSD-2-Clause AND CC0-1.0 AND ISC AND MIT 1

BSD-3-Clause AND MIT 1

BlueOak-1.0.0 1

CC-BY-4.0 1

ISC AND MIT 1

Python-2.0 1

CVE Severity

critical 0

high 10

medium 5

low 2

unknown 0