onedev

Direct and transitive dependency freshness, license, and CVE exposure from the latest SBOM.

100% Freshness

269 Dependencies

0 Outdated

0 Stale

— Avg Behind

Dependency List

Latest release v15.0.5

Dependency	Type	Current	Latest	Behind	CVE	License
ch.qos.logback:logback-core maven	Direct	1.4.14	—	—	4 medium	LGPL-2.1
ch.qos.logback:logback-classic maven	Direct	1.4.14	—	—	—	LGPL-2.1
com.github.albfernandez:juniversalchardet maven	Direct	2.4.0	—	—	—	LGPL-3.0
com.sun.mail:javax.mail maven	Direct	1.6.2	—	—	—	CDDL-1.1 OR GPL-2.0-only WITH Classpath-exception-2.0
javax.xml.bind:jaxb-api maven	Direct	2.3.1	—	—	—	CDDL-1.1 OR GPL-2.0-only WITH Classpath-exception-2.0
org.glassfish.hk2:guice-bridge maven	Direct	2.5.0	—	—	—	EPL-2.0 OR GPL-2.0-only WITH Classpath-exception-2.0
org.glassfish:javax.el maven	Direct	3.0.0	—	—	—	GPL-2.0-only OR CDDL-1.1
org.javassist:javassist maven	Direct	3.29.1-GA	—	—	—	(Apache-2.0 AND LGPL-2.1 AND LGPL-2.1-only AND MPL-1.1) OR (Apache-2.0 AND LGPL-2.1-only AND MPL-1.1)

Unknown 185

Apache-2.0 47

BSD-2-Clause 8

Apache-2.0 AND EPL-1.0 AND EPL-2.0 4

BSD-3-Clause 4

MIT 4

CDDL-1.1 OR GPL-2.0-only WITH Classpath-exception-2.0 2

LGPL-2.1 2

(Apache-2.0 AND LGPL-2.1 AND LGPL-2.1-only AND MPL-1.1) OR (Apache-2.0 AND LGPL-2.1-only AND MPL-1.1) 1

Apache-2.0 AND BSD-2-Clause AND MIT 1

Apache-2.0 AND BSD-3-Clause 1

Apache-2.0 AND BSD-3-Clause AND MIT 1

Apache-2.0 AND MIT 1

CC0-1.0 1

CDDL-1.0 1

EPL-2.0 OR GPL-2.0-only WITH Classpath-exception-2.0 1

GPL-2.0-only OR CDDL-1.1 1

LGPL-3.0 1

LicenseRef-scancode-public-domain 1

Plexus 1

critical 0

high 0

medium 2

low 0

unknown 0