Tools / phoenix / Dependencies

Dependency Analysis

phoenix

Direct and transitive dependency freshness, license, and CVE exposure from the latest SBOM.

Security Export CSV

47% Freshness

4516 Dependencies

1855 Outdated

0 Stale

10.7 Avg Behind

Dependency List

Latest release arize-phoenix-v15.4.0

All 4515 Outdated 2520 Has CVE 46 GPL 16

Dependency	Type	Current	Latest	Behind	CVE	License
dompurify npm	Transitive	3.3.3	3.4.8	9 behind	4 medium	(Apache-2.0 AND GPL-1.0-only AND MPL-2.0 AND MS-PL) OR (Apache-2.0 AND GPL-1.0-only AND MPL-2.0) OR (Apache-2.0 AND GPL-2.0-only AND MPL-2.0 AND MS-PL) OR (Apache-2.0 AND GPL-2.0-only AND MPL-2.0)
chardet pypi	Transitive	5.2.0	7.4.3	13 behind	—	LGPL-2.1-or-later
node-liblzma npm	Transitive	2.2.0	5.0.1	11 behind	—	LGPL-3.0
charset-normalizer pypi	Direct	3.3.2	3.4.7	8 behind	—	LGPL-2.1-only AND MIT AND MPL-1.1
charset-normalizer pypi	Direct	3.3.2	3.4.7	8 behind	—	LGPL-2.1-only AND MIT AND MPL-1.1
docutils pypi	Transitive	0.22.4	0.23.0	2 behind	—	BSD-2-Clause AND BSD-3-Clause AND CC-PDDC AND GPL-1.0-or-later AND GPL-3.0-only AND GPL-3.0-or-later AND LicenseRef-scancode-free-unknown AND LicenseRef-scancode-other-copyleft AND LicenseRef-scancode-public-domain
@opentelemetry/api npm	Transitive	1.9.0	1.9.1	1 behind	—	Apache-2.0 OR (Apache-2.0 AND LGPL-3.0-only)
@opentelemetry/api npm	Transitive	1.9.0	1.9.1	1 behind	—	Apache-2.0 OR (Apache-2.0 AND LGPL-3.0-only)
psycopg pypi	Transitive	3.3.3	3.3.4	1 behind	—	LGPL-3.0 AND LGPL-3.0-only
@opentelemetry/api npm	Transitive	1.9.1	1.9.1	Current	—	Apache-2.0 OR (Apache-2.0 AND LGPL-3.0-only)
compressjs npm	Transitive	1.0.3	1.0.3	Current	—	GPL-2.0-only AND GPL-2.0-or-later
dominate pypi	Direct	2.9.1	2.9.1	Current	—	LGPL-3.0-or-later
ldap3 pypi	Direct	2.9.1	2.9.1	Current	—	LGPL-3.0-or-later
rfc3987-syntax pypi	Direct	1.1.0	1.1.0	Current	—	Apache-2.0 AND GPL-1.0-or-later AND MIT
text-unidecode pypi	Transitive	1.3	1.3.0	—	—	Artistic-1.0-Perl OR GPL-1.0-only OR GPL-2.0-or-later
typing-extensions pypi	Direct	4.15.0	4.15.0	Current	—	Python-2.0 AND GPL-1.0-or-later AND Python-2.0 AND BSD-3-Clause AND Python-2.0 AND BSD-3-Clause AND 0BSD

License Breakdown

MIT 2984

Unknown 508

Apache-2.0 417

ISC 173

BSD-3-Clause 130

MPL-2.0 53

BSD-2-Clause 39

BlueOak-1.0.0 35

BSD-2-Clause AND BSD-3-Clause 33

Apache-2.0 AND MIT 11

BSD-3-Clause AND LicenseRef-scancode-protobuf 5

CC-BY-4.0 5

CC0-1.0 AND MIT 5

MIT-0 5

0BSD AND ISC AND MIT 4

Apache-2.0 AND BSD-2-Clause 4

BSD-3-Clause AND MIT 4

Apache-2.0 OR (Apache-2.0 AND LGPL-3.0-only) 3

BSD-2-Clause AND BSD-3-Clause AND MIT 3

BSD-2-Clause AND CC0-1.0 AND ISC AND MIT 3

CC0-1.0 3

ISC AND MIT 3

LicenseRef-scancode-generic-cla AND MIT 3

LicenseRef-scancode-unknown-license-reference AND MIT 3

MIT AND MPL-2.0 3

0BSD 2

AFL-2.1 AND AFL-3.0 AND BSD-3-Clause 2

Apache-2.0 AND BSD-2-Clause AND CC0-1.0 AND ISC AND MIT 2

Apache-2.0 AND BSD-3-Clause AND LicenseRef-scancode-unknown-license-reference 2

Apache-2.0 AND Elastic-2.0 2

Apache-2.0 OR BSD-2-Clause OR MIT OR (Apache-2.0 AND BSD-2-Clause) OR (Apache-2.0 AND MIT) OR (BSD-2-Clause AND MIT) 2

BSD-2-Clause AND BSD-2-Clause-Views 2

BSD-3-Clause AND ISC AND MIT 2

BSD-3-Clause AND LicenseRef-scancode-generic-cla AND MIT 2

Elastic-2.0 2

ISC AND JSON AND MIT 2

LGPL-2.1-only AND MIT AND MPL-1.1 2

LGPL-3.0-or-later 2

LicenseRef-scancode-free-unknown AND MIT 2

MIT AND Python-2.0 2

PSF-2.0 2

Python-2.0 2

Python-2.0.1 2

(Apache-2.0 AND GPL-1.0-only AND MPL-2.0 AND MS-PL) OR (Apache-2.0 AND GPL-1.0-only AND MPL-2.0) OR (Apache-2.0 AND GPL-2.0-only AND MPL-2.0 AND MS-PL) OR (Apache-2.0 AND GPL-2.0-only AND MPL-2.0) 1

(MIT OR EUPL-1.1+) 1

0BSD AND BSD-3-Clause AND LicenseRef-scancode-unknown-license-reference AND PSF-2.0 AND Python-2.0 1

Apache-2.0 AND BSD-3-Clause AND MIT AND Zlib 1

Apache-2.0 AND BSD-3-Clause AND MPL-2.0 1

Apache-2.0 AND GPL-1.0-or-later AND MIT 1

Apache-2.0 AND ISC 1

Apache-2.0 AND MIT AND MPL-2.0 1

Apache-2.0 OR (Apache-2.0 AND BSD-3-Clause) 1

Artistic-1.0-Perl OR GPL-1.0-only OR GPL-2.0-or-later 1

BSD-2-Clause AND BSD-3-Clause AND CC-PDDC AND GPL-1.0-or-later AND GPL-3.0-only AND GPL-3.0-or-later AND LicenseRef-scancode-free-unknown AND LicenseRef-scancode-other-copyleft AND LicenseRef-scancode-public-domain 1

BSD-2-Clause AND JSON 1

BSD-2-Clause AND MIT AND Python-2.0 AND Python-2.0.1 1

BSD-3-Clause AND CC0-1.0 AND ISC AND MIT 1

BSD-3-Clause AND LicenseRef-scancode-unknown-license-reference 1

BSD-3-Clause OR Apache-2.0 1

BSD-3-Clause OR MIT OR (BSD-3-Clause AND MIT) 1

CC-BY-SA-3.0 AND MIT AND Python-2.0 1

CC0-1.0 AND Unlicense 1

CC0-1.0 OR MIT OR (CC0-1.0 AND MIT) 1

CNRI-Python AND Apache-2.0 1

GPL-2.0-only AND GPL-2.0-or-later 1

ISC AND MPL-2.0 1

LGPL-2.1-or-later 1

LGPL-3.0 1

LGPL-3.0 AND LGPL-3.0-only 1

LicenseRef-scancode-commercial-license AND LicenseRef-scancode-other-permissive AND MIT 1

LicenseRef-scancode-secret-labs-2011 AND MIT-CMU 1

LicenseRef-scancode-unknown-license-reference AND MIT AND Python-2.0 1

MIT AND CC0-1.0 1

MIT AND HPND-Markus-Kuhn 1

MIT AND MIT-0 1

MIT AND PSF-2.0 1

MIT AND Ruby 1

MIT AND WTFPL 1

MIT AND ZPL-2.1 1

MIT OR (MIT AND WTFPL) 1

Python-2.0 AND GPL-1.0-or-later AND Python-2.0 AND BSD-3-Clause AND Python-2.0 AND BSD-3-Clause AND 0BSD 1

Unlicense 1

apache-2.0 1

CVE Severity

critical 4

high 20

medium 21

low 0

unknown 1