Real Intelligence Threat Analysis (RITA)

Direct and transitive dependency freshness, license, and CVE exposure from the latest SBOM.

100% Freshness

256 Dependencies

0 Outdated

0 Stale

— Avg Behind

Dependency List

Latest release v5.1.1

Dependency	Type	Current	Latest	Behind	CVE	License
google.golang.org/grpc golang	Transitive	v1.59.0	—	—	1 critical	Apache-2.0
github.com/containerd/containerd golang	Transitive	v1.7.17	—	—	3 high	Apache-2.0
github.com/docker/cli golang	Transitive	v26.1.3+incompatible	—	—	1 high	Apache-2.0
github.com/docker/docker golang	Transitive	v26.1.5+incompatible	—	—	3 high	Apache-2.0
github.com/moby/buildkit golang	Transitive	v0.13.2	—	—	2 high	Apache-2.0
github.com/moby/spdystream golang	Transitive	v0.2.0	—	—	1 high	Apache-2.0
go.opentelemetry.io/otel/sdk golang	Transitive	v1.24.0	—	—	2 high	Apache-2.0
golang.org/x/crypto golang	Transitive	v0.33.0	—	—	4 high	BSD-3-Clause AND LicenseRef-scancode-google-patent-license-golang
golang.org/x/oauth2 golang	Transitive	v0.15.0	—	—	1 high	BSD-3-Clause
github.com/compose-spec/compose-go/v2 golang	Transitive	v2.1.1	—	—	1 medium	Apache-2.0
github.com/docker/buildx golang	Transitive	v0.14.1	—	—	1 medium	Apache-2.0
go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetrichttp golang	Transitive	v0.42.0	—	—	1 medium	Apache-2.0
go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp golang	Transitive	v1.21.0	—	—	1 medium	Apache-2.0
golang.org/x/net golang	Transitive	v0.35.0	—	—	5 medium	BSD-3-Clause AND LicenseRef-scancode-google-patent-license-golang
github.com/docker/compose/v2 golang	Transitive	v2.27.1	—	—	1 unknown	Apache-2.0

Apache-2.0 103

MIT 82

BSD-3-Clause 29

Unknown 11

BSD-3-Clause AND LicenseRef-scancode-google-patent-license-golang 10

MPL-2.0 6

BSD-2-Clause 4

Apache-2.0 AND BSD-3-Clause 2

Apache-2.0 AND CC-BY-SA-4.0 2

Apache-2.0 AND BSD-3-Clause AND MIT 1

Apache-2.0 AND MIT 1

BSD-3-Clause AND MIT 1

CC0-1.0 1

ISC 1

Unlicense 1

critical 1

high 8

medium 5

low 0

unknown 1