Dependency Analysis
Spack
Direct and transitive dependency freshness, license, and CVE exposure from the latest SBOM.
90%
Freshness
43
Dependencies
3
Outdated
0
Stale
0.6
Avg Behind
Dependency List
Latest release v1.0.4
| Dependency | Type | Current | Latest | Behind | CVE | License |
|---|---|---|---|---|---|---|
|
black
pypi
|
Direct | 25.12.0 | 26.5.1 | 6 behind | 1 high | MIT |
|
ruff
pypi
|
Direct | 0.15.11 | 0.15.15 | 4 behind | — | Unknown |
|
mypy
pypi
|
Direct | 1.20.1 | 2.1.0 | 3 behind | — | MIT AND Python-2.0 AND Python-2.0.1 AND BSD-2-Clause AND MIT AND Python-2.0 AND Python-2.0.1 AND BSD-2-Clause |
|
coverage
pypi
|
Direct | 7.13.5 | 7.14.1 | 2 behind | — | Apache-2.0 |
|
docutils
pypi
|
Direct | 0.22.4 | 0.23.0 | 2 behind | — | BSD-2-Clause AND BSD-3-Clause AND CC-PDDC AND GPL-1.0-or-later AND GPL-3.0-only AND GPL-3.0-or-later AND LicenseRef-scancode-free-unknown AND LicenseRef-scancode-other-copyleft AND LicenseRef-scancode-public-domain |
|
isort
pypi
|
Direct | 7.0.0 | 8.0.1 | 2 behind | — | MIT |
|
actions/checkout
githubactions
|
Direct | de0fac2e4500dabe0009e67214ff5f5447ce83dd | — | — | — | Unknown |
|
actions/download-artifact
githubactions
|
Direct | 3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c | — | — | — | Unknown |
|
actions/labeler
githubactions
|
Direct | 634933edcd8ababfe52f92936142cc22ac488b1b | — | — | — | Unknown |
|
actions/setup-python
githubactions
|
Direct | a309ff8b426b58ec0e2a45f0f869d46889d02405 | — | — | — | Unknown |
|
actions/stale
githubactions
|
Direct | b5d41d4e1d5dceea10e7104786b73624c18a190f | — | — | — | Unknown |
|
actions/upload-artifact
githubactions
|
Direct | 043fb46d1a93c77aae656e7c1c64a875d1fc6a0a | — | — | — | Unknown |
|
actions/upload-artifact/merge
githubactions
|
Direct | 043fb46d1a93c77aae656e7c1c64a875d1fc6a0a | — | — | — | Unknown |
|
clingo
|
Direct | — | — | — | — | Unknown |
|
clingo
pypi
|
Direct | 5.8.0 | — | — | — | MIT |
|
codecov/codecov-action
githubactions
|
Direct | 57e3a136b779b570ffcdbf80b3bdc90e7fab3de2 | — | — | — | Unknown |
|
coverage
|
Direct | <= 7.11.0 | — | — | — | Unknown |
|
docker/build-push-action
githubactions
|
Direct | bcafcacb16a39f128d818304e6c9c0c18556b85f | — | — | — | Unknown |
|
docker/login-action
githubactions
|
Direct | 4907a6ddec9925e35a0a9e82d7399ccc52663121 | — | — | — | Unknown |
|
docker/metadata-action
githubactions
|
Direct | 030e881283bb7a6894de51c315a6bfe6a94e05cf | — | — | — | Unknown |
|
docker/setup-buildx-action
githubactions
|
Direct | 4d04d5d9486b7bd6fa91e7baf45bbb4f8b9deedd | — | — | — | Unknown |
|
docker/setup-qemu-action
githubactions
|
Direct | ce360397dd3f832beb865e1373c09c0e9f86d70a | — | — | — | Unknown |
|
dorny/paths-filter
githubactions
|
Direct | fbd0ab8f3e69293af611ebaee6363fc25e6d187d | — | — | — | Unknown |
|
flake8
pypi
|
Direct | 7.3.0 | 7.3.0 | Current | — | MIT |
|
furo
pypi
|
Direct | 2025.12.19 | — | — | — | MIT |
|
Homebrew/actions/setup-homebrew
githubactions
|
Direct | 40e9946c182a64b3db1bf51be0dcb915f7802aa9 | — | — | — | Unknown |
|
julia-actions/cache
githubactions
|
Direct | a45e8fa8be21c18a06b7177052533149e61e9b38 | — | — | — | Unknown |
|
julia-actions/setup-julia
githubactions
|
Direct | f6f565d9f7cf12f53dc8045742460d6260ad3b39 | — | — | — | Unknown |
|
pygments
pypi
|
Direct | 2.20.0 | 2.20.0 | Current | — | BSD-2-Clause |
|
pylint
pypi
|
Direct | 4.0.5 | 4.0.5 | Current | — | GPL-2.0-only AND CC-BY-4.0 AND CC-BY-SA-4.0 |
|
pytest
pypi
|
Direct | 9.0.3 | 9.0.3 | Current | — | MIT |
|
pytest-cov
pypi
|
Direct | 7.1.0 | 7.1.0 | Current | — | MIT |
|
pytest-xdist
pypi
|
Direct | 3.8.0 | 3.8.0 | Current | — | MIT |
|
ruamel-yaml
pypi
|
Direct | 0.19.1 | 0.19.1 | Current | — | Unknown |
|
slotscheck
pypi
|
Direct | 0.19.1 | — | — | — | MIT |
|
sphinx
pypi
|
Direct | 9.1.0 | 9.1.0 | Current | — | Unknown |
|
sphinx-copybutton
pypi
|
Direct | 0.5.2 | 0.5.2 | Current | — | MIT |
|
sphinx-last-updated-by-git
pypi
|
Direct | 0.3.8 | — | — | — | BSD-2-Clause |
|
sphinx-sitemap
pypi
|
Direct | 2.9.0 | 2.9.0 | Current | — | MIT |
|
sphinxcontrib-programoutput
pypi
|
Direct | 0.19 | — | — | — | Unknown |
|
sphinxcontrib-svg2pdfconverter
pypi
|
Direct | 2.1.0 | — | — | — | Unknown |
|
vermin
pypi
|
Direct | 1.8.0 | — | — | — | MIT |
License Breakdown
Unknown
24
MIT
12
BSD-2-Clause
2
Apache-2.0
1
BSD-2-Clause AND BSD-3-Clause AND CC-PDDC AND GPL-1.0-or-later AND GPL-3.0-only AND GPL-3.0-or-later AND LicenseRef-scancode-free-unknown AND LicenseRef-scancode-other-copyleft AND LicenseRef-scancode-public-domain
1
GPL-2.0-only AND CC-BY-4.0 AND CC-BY-SA-4.0
1
MIT AND Python-2.0 AND Python-2.0.1 AND BSD-2-Clause AND MIT AND Python-2.0 AND Python-2.0.1 AND BSD-2-Clause
1
CVE Severity
critical
0
high
1
medium
0
low
0
unknown
0