Dependency Analysis
speaches
Direct and transitive dependency freshness, license, and CVE exposure from the latest SBOM.
54%
Freshness
264
Dependencies
102
Outdated
0
Stale
4.8
Avg Behind
Dependency List
Latest release v0.9.0-rc.3
| Dependency | Type | Current | Latest | Behind | CVE | License |
|---|---|---|---|---|---|---|
|
h11
pypi
|
Direct | 0.14.0 | 0.16.0 | 2 behind | 1 critical | MIT |
|
protobuf
pypi
|
Direct | 5.29.3 | 7.35.0 | 36 behind | 2 high | BSD-3-Clause AND LicenseRef-scancode-protobuf |
|
cryptography
pypi
|
Direct | 44.0.1 | 48.0.0 | 20 behind | 2 high | Apache-2.0 OR BSD-3-Clause OR (Apache-2.0 AND BSD-3-Clause) |
|
black
pypi
|
Direct | 24.10.0 | 26.5.1 | 10 behind | 1 high | MIT |
|
lxml
pypi
|
Direct | 5.3.0 | 6.1.1 | 10 behind | 1 high | BSD-2-Clause AND BSD-3-Clause |
|
python-multipart
pypi
|
Direct | 0.0.20 | 0.0.30 | 10 behind | 3 high | Apache-2.0 |
|
pillow
pypi
|
Direct | 10.4.0 | 12.2.0 | 8 behind | 5 high | MIT-CMU |
|
urllib3
pypi
|
Direct | 2.2.3 | 2.7.0 | 8 behind | 5 high | MIT |
|
pyopenssl
pypi
|
Direct | 25.0.0 | 26.2.0 | 6 behind | 2 high | Apache-2.0 |
|
mako
pypi
|
Direct | 1.3.10 | 1.3.12 | 2 behind | 2 high | MIT |
|
brotli
pypi
|
Direct | 1.1.0 | 1.2.0 | 1 behind | 1 high | MIT |
|
requests
pypi
|
Direct | 2.32.3 | 2.34.2 | 8 behind | 2 medium | Apache-2.0 |
|
pytest
pypi
|
Direct | 8.4.1 | 9.0.3 | 5 behind | 1 medium | MIT |
|
python-dotenv
pypi
|
Direct | 1.0.1 | 1.2.2 | 5 behind | 1 medium | BSD-2-Clause AND BSD-3-Clause |
|
aiohttp
pypi
|
Direct | 3.13.3 | 3.14.0 | 3 behind | 10 medium | Apache-2.0 AND MIT |
|
jinja2
pypi
|
Direct | 3.1.4 | 3.1.6 | 2 behind | 3 medium | BSD-2-Clause AND BSD-3-Clause |
|
pygments
pypi
|
Direct | 2.18.0 | 2.20.0 | 4 behind | 1 low | BSD-2-Clause |
|
huggingface-hub
pypi
|
Direct | 0.35.3 | 1.17.0 | 79 behind | — | Apache-2.0 |
|
typer
pypi
|
Direct | 0.12.5 | 0.26.7 | 42 behind | — | MIT |
|
wrapt
pypi
|
Direct | 1.16.0 | 2.2.1 | 41 behind | — | BSD-2-Clause |
|
grpcio
pypi
|
Direct | 1.67.1 | 1.81.0 | 31 behind | — | Apache-2.0 |
|
pydantic-core
pypi
|
Direct | 2.33.2 | 2.47.0 | 26 behind | — | MIT |
|
pydantic
pypi
|
Direct | 2.11.7 | 2.13.4 | 23 behind | — | MIT |
|
nvidia-cudnn-cu12
pypi
|
Direct | 9.10.2.21 | 9.23.0.39 | 19 behind | — | Unknown |
|
tokenizers
pypi
|
Direct | 0.20.1 | 0.23.1 | 19 behind | — | Apache-2.0 |
|
identify
pypi
|
Direct | 2.6.1 | 2.6.19 | 18 behind | — | MIT |
|
regex
pypi
|
Direct | 2024.9.11 | 2026.5.9 | 18 behind | — | Apache-2.0 AND CNRI-Python |
|
fsspec
pypi
|
Direct | 2024.9.0 | 2026.4.0 | 16 behind | — | BSD-3-Clause |
|
hf-xet
pypi
|
Direct | 1.1.5 | 1.5.1.dev1 | 16 behind | — | Apache-2.0 |
|
inflect
pypi
|
Direct | 5.6.2 | 7.5.0 | 16 behind | — | MIT |
|
mpmath
pypi
|
Direct | 1.3.0 | 1.4.1 | 15 behind | — | BSD-3-Clause |
|
platformdirs
pypi
|
Direct | 4.3.6 | 4.10.0 | 15 behind | — | MIT |
|
uvicorn
pypi
|
Direct | 0.35.0 | 0.49.0 | 15 behind | — | BSD-2-Clause AND BSD-3-Clause |
|
googleapis-common-protos
pypi
|
Direct | 1.65.0 | 1.75.0 | 14 behind | — | Apache-2.0 |
|
certifi
pypi
|
Direct | 2024.8.30 | 2026.5.20 | 13 behind | — | MPL-2.0 |
|
griffe
pypi
|
Direct | 1.7.3 | 2.0.2 | 13 behind | — | ISC |
|
numpy
pypi
|
Direct | 2.3.1 | 2.4.6 | 12 behind | — | Apache-2.0 AND BSD-3-Clause AND MIT AND Zlib |
|
openai
pypi
|
Direct | 2.30.0 | 2.41.0 | 12 behind | — | Apache-2.0 |
|
rpds-py
pypi
|
Direct | 0.22.3 | 2026.5.1 | 12 behind | — | MIT |
|
nvidia-nccl-cu12
pypi
|
Direct | 2.27.3 | 2.30.4 | 11 behind | — | Unknown |
|
pandas
pypi
|
Direct | 2.2.3 | 3.0.3 | 11 behind | — | BSD-2-Clause AND BSD-3-Clause |
|
click
pypi
|
Direct | 8.1.7 | 8.4.1 | 10 behind | — | BSD-3-Clause |
|
google-crc32c
pypi
|
Direct | 1.6.0 | 1.8.0 | 9 behind | — | Apache-2.0 |
|
pyparsing
pypi
|
Direct | 3.2.1 | 3.3.2 | 9 behind | — | MIT AND Python-2.0 |
|
charset-normalizer
pypi
|
Direct | 3.3.2 | 3.4.7 | 8 behind | — | LGPL-2.1-only AND MIT AND MPL-1.1 |
|
importlib-metadata
pypi
|
Direct | 8.4.0 | 9.0.0 | 7 behind | — | Apache-2.0 |
|
pathspec
pypi
|
Direct | 0.12.1 | 1.1.1 | 7 behind | — | MPL-2.0 |
|
flatbuffers
pypi
|
Direct | 24.3.25 | 25.12.19 | 6 behind | — | Apache-2.0 |
|
isort
pypi
|
Direct | 5.13.2 | 8.0.1 | 6 behind | — | MIT |
|
pydantic-settings
pypi
|
Direct | 2.10.1 | 2.14.1 | 6 behind | — | MIT |
|
starlette
pypi
|
Direct | 0.52.1 | 1.2.1 | 6 behind | — | BSD-3-Clause |
|
anyio
pypi
|
Direct | 4.9.0 | 4.13.0 | 5 behind | — | MIT |
|
attrs
pypi
|
Direct | 24.3.0 | 26.1.0 | 5 behind | — | MIT |
|
av
pypi
|
Direct | 15.1.0 | 17.0.1 | 5 behind | — | BSD-3-Clause |
|
fastapi
pypi
|
Direct | 0.135.2 | 0.136.3 | 5 behind | — | Unknown |
|
jsonschema
pypi
|
Direct | 4.23.0 | 4.26.0 | 5 behind | — | MIT |
|
pre-commit
pypi
|
Direct | 4.2.0 | 4.6.0 | 5 behind | — | MIT |
|
zipp
pypi
|
Direct | 3.20.2 | 4.1.0 | 5 behind | — | MIT |
|
argcomplete
pypi
|
Direct | 3.5.3 | 3.6.3 | 4 behind | — | Apache-2.0 |
|
httpcore
pypi
|
Direct | 1.0.5 | 1.0.9 | 4 behind | — | BSD-2-Clause AND BSD-3-Clause |
|
httpx-ws
pypi
|
Direct | 0.7.2 | 0.9.0 | 4 behind | — | MIT |
|
jiter
pypi
|
Direct | 0.11.1 | 0.15.0 | 4 behind | — | MIT |
|
joblib
pypi
|
Direct | 1.4.2 | 1.5.3 | 4 behind | — | BSD-2-Clause AND BSD-3-Clause |
|
markupsafe
pypi
|
Direct | 2.1.5 | 3.0.3 | 4 behind | — | BSD-2-Clause AND BSD-3-Clause |
|
nvidia-cublas-cu12
pypi
|
Direct | 12.8.4.1 | 12.9.2.10 | 4 behind | — | Unknown |
|
opentelemetry-api
pypi
|
Direct | 1.40.0 | 1.42.1 | 4 behind | — | Apache-2.0 |
|
opentelemetry-exporter-otlp
pypi
|
Direct | 1.40.0 | 1.42.1 | 4 behind | — | Unknown |
|
opentelemetry-exporter-otlp-proto-common
pypi
|
Direct | 1.40.0 | 1.42.1 | 4 behind | — | Apache-2.0 |
|
opentelemetry-exporter-otlp-proto-grpc
pypi
|
Direct | 1.40.0 | 1.42.1 | 4 behind | — | Unknown |
|
opentelemetry-exporter-otlp-proto-http
pypi
|
Direct | 1.40.0 | 1.42.1 | 4 behind | — | Apache-2.0 |
|
opentelemetry-proto
pypi
|
Direct | 1.40.0 | 1.42.1 | 4 behind | — | Apache-2.0 |
|
opentelemetry-sdk
pypi
|
Direct | 1.40.0 | 1.42.1 | 4 behind | — | Apache-2.0 |
|
referencing
pypi
|
Direct | 0.35.1 | 0.37.0 | 4 behind | — | MIT |
|
triton
pypi
|
Direct | 3.4.0 | 3.7.0 | 4 behind | — | Unknown |
|
filelock
pypi
|
Direct | 3.25.2 | 3.29.1 | 3 behind | — | MIT |
|
greenlet
pypi
|
Direct | 3.3.2 | 3.5.1 | 3 behind | — | MIT AND PSF-2.0 |
|
httpx
pypi
|
Direct | 0.28.1 | 1.0.0.dev3 | 3 behind | — | BSD-3-Clause |
|
iniconfig
pypi
|
Direct | 2.0.0 | 2.3.0 | 3 behind | — | MIT |
|
lightning
pypi
|
Direct | 2.6.1 | 2.6.5 | 3 behind | — | Unknown |
|
markdown-it-py
pypi
|
Direct | 3.0.0 | 4.2.0 | 3 behind | — | MIT |
|
onnxruntime
pypi
|
Direct | 1.24.4 | 1.26.0 | 3 behind | — | Unknown |
|
sounddevice
pypi
|
Direct | 0.5.2 | 0.5.5 | 3 behind | — | MIT |
|
sqlalchemy
pypi
|
Direct | 2.0.48 | 2.0.50 | 3 behind | — | MIT |
|
sympy
pypi
|
Direct | 1.13.3 | 1.14.0 | 3 behind | — | BSD-2-Clause |
|
wsproto
pypi
|
Direct | 1.2.0 | 1.3.2 | 3 behind | — | MIT |
|
aiofiles
pypi
|
Direct | 23.2.1 | 25.1.0 | 2 behind | — | Apache-2.0 |
|
babel
pypi
|
Direct | 2.16.0 | 2.18.0 | 2 behind | — | BSD-3-Clause |
|
cffi
pypi
|
Direct | 1.17.1 | 2.0.0 | 2 behind | — | MIT |
|
distlib
pypi
|
Direct | 0.3.9 | 0.4.1 | 2 behind | — | PSF-2.0 |
|
dnspython
pypi
|
Direct | 2.7.0 | 2.8.0 | 2 behind | — | ISC |
|
httpx-sse
pypi
|
Direct | 0.4.1 | 0.4.3 | 2 behind | — | MIT |
|
jsonschema-specifications
pypi
|
Direct | 2024.10.1 | 2025.9.1 | 2 behind | — | MIT |
|
mkdocs-autorefs
pypi
|
Direct | 1.4.2 | 1.4.4 | 2 behind | — | ISC |
|
mkdocs-get-deps
pypi
|
Direct | 0.2.0 | 0.2.2 | 2 behind | — | MIT |
|
nvidia-cuda-cupti-cu12
pypi
|
Direct | 12.8.90 | 12.9.79 | 2 behind | — | Unknown |
|
nvidia-cuda-nvrtc-cu12
pypi
|
Direct | 12.8.93 | 12.9.86 | 2 behind | — | Unknown |
|
nvidia-cuda-runtime-cu12
pypi
|
Direct | 12.8.90 | 12.9.79 | 2 behind | — | Unknown |
|
nvidia-cufft-cu12
pypi
|
Direct | 11.3.3.83 | 11.4.1.4 | 2 behind | — | Unknown |
|
nvidia-cufile-cu12
pypi
|
Direct | 1.13.1.3 | 1.14.1.1 | 2 behind | — | Unknown |
|
nvidia-cusolver-cu12
pypi
|
Direct | 11.7.3.90 | 11.7.5.82 | 2 behind | — | Unknown |
|
nvidia-cusparse-cu12
pypi
|
Direct | 12.5.8.93 | 12.5.10.65 | 2 behind | — | Unknown |
|
nvidia-cusparselt-cu12
pypi
|
Direct | 0.7.1 | 0.8.1 | 2 behind | — | Unknown |
|
nvidia-nvjitlink-cu12
pypi
|
Direct | 12.8.93 | 12.9.86 | 2 behind | — | Unknown |
|
nvidia-nvtx-cu12
pypi
|
Direct | 12.8.90 | 12.9.79 | 2 behind | — | Unknown |
|
pytest-mock
pypi
|
Direct | 3.14.1 | 3.15.1 | 2 behind | — | MIT |
|
pytorch-lightning
pypi
|
Direct | 2.6.1 | 2.6.5 | 2 behind | — | Unknown |
|
rich
pypi
|
Direct | 14.3.3 | 15.0.0 | 2 behind | — | MIT |
|
scikit-learn
pypi
|
Direct | 1.8.0 | 1.9.0 | 2 behind | — | BSD-3-Clause AND LicenseRef-scancode-unknown-license-reference |
|
aiohappyeyeballs
pypi
|
Direct | 2.6.1 | 2.6.2 | 1 behind | — | 0BSD AND BSD-3-Clause AND LicenseRef-scancode-unknown-license-reference AND PSF-2.0 AND Python-2.0 |
|
annotated-doc
pypi
|
Direct | 0.0.3 | 0.0.4 | 1 behind | — | MIT |
|
cfgv
pypi
|
Direct | 3.4.0 | 3.5.0 | 1 behind | — | MIT |
|
colorlog
pypi
|
Direct | 6.9.0 | 6.10.1 | 1 behind | — | MIT |
|
debugpy
pypi
|
Direct | 1.8.20 | 1.8.21 | 1 behind | — | MIT |
|
execnet
pypi
|
Direct | 2.1.1 | 2.1.2 | 1 behind | — | MIT |
|
fonttools
pypi
|
Direct | 4.62.1 | 4.63.0 | 1 behind | — | Apache-2.0 AND BSD-3-Clause AND MIT AND OFL-1.1 |
|
matplotlib
pypi
|
Direct | 3.10.8 | 3.10.9 | 1 behind | — | Apache-2.0 |
|
mypy-extensions
pypi
|
Direct | 1.0.0 | 1.1.0 | 1 behind | — | MIT |
|
nodeenv
pypi
|
Direct | 1.9.1 | 1.10.0 | 1 behind | — | BSD-2-Clause AND BSD-3-Clause |
|
nvidia-curand-cu12
pypi
|
Direct | 10.3.9.90 | 10.3.10.19 | 1 behind | — | Unknown |
|
pluggy
pypi
|
Direct | 1.5.0 | 1.6.0 | 1 behind | — | MIT |
|
propcache
pypi
|
Direct | 0.4.1 | 0.5.2 | 1 behind | — | Apache-2.0 |
|
pyee
pypi
|
Direct | 13.0.0 | 13.0.1 | 1 behind | — | MIT |
|
pyyaml
pypi
|
Direct | 6.0.2 | 6.0.3 | 1 behind | — | MIT |
|
safetensors
pypi
|
Direct | 0.7.0 | 0.8.0.dev0 | 1 behind | — | Apache-2.0 |
|
six
pypi
|
Direct | 1.16.0 | 1.17.0 | 1 behind | — | MIT |
|
tabulate
pypi
|
Direct | 0.9.0 | 0.10.0 | 1 behind | — | MIT |
|
uritemplate
pypi
|
Direct | 4.1.1 | 4.2.0 | 1 behind | — | Apache-2.0 AND BSD-3-Clause |
|
yarl
pypi
|
Direct | 1.23.0 | 1.24.2 | 1 behind | — | Apache-2.0 |
License Breakdown
MIT
89
Unknown
55
Apache-2.0
47
BSD-3-Clause
20
BSD-2-Clause AND BSD-3-Clause
13
ISC
6
Apache-2.0 AND MIT
5
BSD-2-Clause
4
Apache-2.0 AND BSD-3-Clause
2
MPL-2.0
2
0BSD AND BSD-3-Clause AND LicenseRef-scancode-unknown-license-reference AND PSF-2.0 AND Python-2.0
1
AGPL-3.0-or-later AND GPL-3.0-only AND GPL-3.0-or-later
1
Apache-2.0 AND BSD-3-Clause AND LicenseRef-scancode-unknown-license-reference
1
Apache-2.0 AND BSD-3-Clause AND MIT AND OFL-1.1
1
Apache-2.0 AND BSD-3-Clause AND MIT AND Zlib
1
Apache-2.0 AND CNRI-Python
1
Apache-2.0 OR BSD-3-Clause OR (Apache-2.0 AND BSD-3-Clause)
1
BSD-3-Clause AND LicenseRef-scancode-protobuf
1
BSD-3-Clause AND LicenseRef-scancode-unknown-license-reference
1
BSD-3-Clause AND LicenseRef-scancode-unknown-license-reference AND MIT
1
BSD-3-Clause AND MIT
1
BSD-3-Clause AND Python-2.0
1
LGPL-2.1-only AND MIT AND MPL-1.1
1
MIT AND Apache-2.0
1
MIT AND MPL-2.0
1
MIT AND PSF-2.0
1
MIT AND Python-2.0
1
MIT-CMU
1
PSF-2.0
1
Python-2.0 AND GPL-1.0-or-later AND Python-2.0 AND BSD-3-Clause AND Python-2.0 AND BSD-3-Clause AND 0BSD
1
CVE Severity
critical
1
high
13
medium
7
low
2
unknown
0