Dependency Analysis
ocis
Direct and transitive dependency freshness, license, and CVE exposure from the latest SBOM.
61%
Freshness
1916
Dependencies
585
Outdated
0
Stale
42.0
Avg Behind
Dependency List
Latest release v8.0.1
| Dependency | Type | Current | Latest | Behind | CVE | License |
|---|---|---|---|---|---|---|
|
golang.org/x/crypto
golang
|
Direct | 0.0.0-20201221181555-eec23a3978ad | — | — | 9 critical | Unknown |
|
google.golang.org/grpc
golang
|
Direct | 1.39.0 | — | — | 3 critical | Apache-2.0 |
|
@babel/plugin-transform-modules-systemjs
npm
|
Transitive | 7.28.5 | 7.29.7 | 10 behind | 1 high | MIT |
|
axios
npm
|
Direct | 1.15.1 | 1.17.0 | 6 behind | 2 high | MIT |
|
fast-uri
npm
|
Transitive | 3.1.0 | 3.1.2 | 2 behind | 2 high | BSD-3-Clause |
|
github.com/dgrijalva/jwt-go
golang
|
Direct | 3.2.0+incompatible | — | — | 1 high | MIT |
|
github.com/prometheus/client_golang
golang
|
Direct | 1.10.0 | — | — | 1 high | Apache-2.0 |
|
github.com/shamaton/msgpack/v2
golang
|
Direct | v2.4.0 | — | — | 1 high | MIT |
|
github.com/sirupsen/logrus
golang
|
Direct | 1.8.1 | — | — | 1 high | MIT |
|
golang.org/x/image
golang
|
Direct | 0.0.0-20191009234506-e7c1f5e7dbb8 | — | — | 7 high | Unknown |
|
golang.org/x/net
golang
|
Direct | 0.0.0-20210428140749-89ef3d95e781 | — | — | 14 high | BSD-3-Clause AND LicenseRef-scancode-google-patent-license-golang |
|
golang.org/x/oauth2
golang
|
Direct | 0.0.0-20210402161424-2e8d93401602 | — | — | 1 high | BSD-3-Clause |
|
minimatch
npm
|
Transitive | 3.1.3 | — | — | 1 high | ISC |
|
yaml
npm
|
Transitive | 1.10.2 | 2.9.0 | 49 behind | 1 medium | ISC |
|
postcss
npm
|
Transitive | 8.4.39 | 8.5.15 | 26 behind | 1 medium | MIT |
|
github.com/blevesearch/bleve
golang
|
Direct | 1.0.9 | — | — | 1 medium | Apache-2.0 |
|
golang.org/x/sys
golang
|
Direct | 0.0.0-20210608053332-aa57babbf139 | — | — | 1 medium | Unknown |
|
google.golang.org/protobuf
golang
|
Direct | 1.27.1 | — | — | 1 medium | BSD-3-Clause AND LicenseRef-scancode-google-patent-license-golang |
|
github.com/disintegration/imaging
golang
|
Direct | 1.6.2 | — | — | 1 low | MIT |
|
github.com/aws/aws-sdk-go
golang
|
Transitive | v1.55.8 | — | — | 2 unknown | Apache-2.0 |
|
github.com/go-chi/chi
golang
|
Direct | 4.1.2+incompatible | — | — | 1 unknown | MIT |
|
golang.org/x/net
golang
|
Direct | v0.50.0 | — | — | 2 unknown | BSD-3-Clause AND LicenseRef-scancode-google-patent-license-golang |
License Breakdown
MIT
1316
Apache-2.0
127
Unknown
119
BSD-3-Clause
79
ISC
72
MIT-0
59
BSD-2-Clause
53
BSD-3-Clause AND LicenseRef-scancode-google-patent-license-golang
16
Apache-2.0 AND BSD-3-Clause
9
CC0-1.0
8
Apache-2.0 AND MIT
6
ISC AND MIT
5
MPL-2.0
5
BlueOak-1.0.0
4
CC0-1.0 AND MIT
4
0BSD
3
CC-BY-4.0
3
Apache-2.0 AND BSD-2-Clause
2
Apache-2.0 AND BSD-3-Clause AND MIT
2
BSD-2-Clause AND BSD-3-Clause
2
BSD-3-Clause AND MIT
2
CC-BY-3.0 AND MIT
2
LicenseRef-scancode-public-domain AND Unlicense
2
MIT AND MIT-0
2
AFL-2.1 AND AFL-3.0 AND BSD-3-Clause
1
Apache-2.0 AND LicenseRef-scancode-unknown-license-reference
1
Apache-2.0 AND OFL-1.1 AND Ubuntu-font-1.0
1
Apache-2.0 OR (Apache-2.0 AND MIT)
1
BSD-2-Clause AND BSD-2-Clause-Views
1
BSD-2-Clause AND ISC
1
BSD-2-Clause-Views
1
CC-BY-3.0
1
FTL OR GPL-2.0-or-later
1
LicenseRef-scancode-free-unknown AND MIT
1
LicenseRef-scancode-unicode AND MIT
1
MIT OR (CC0-1.0 AND MIT)
1
Python-2.0
1
CVE Severity
critical
2
high
11
medium
5
low
1
unknown
3