Tools / storyden / Dependencies

Dependency Analysis

storyden

Direct and transitive dependency freshness, license, and CVE exposure from the latest SBOM.

Security Export CSV

61% Freshness

2709 Dependencies

868 Outdated

0 Stale

11.0 Avg Behind

Dependency List

Latest release v1.26.7

All 2708 Outdated 1077 Has CVE 62 GPL 38

Dependency	Type	Current	Latest	Behind	CVE	License
@orval/core npm	Transitive	7.2.0	—	—	1 critical	MIT
vite npm	Transitive	6.3.5	8.0.16	83 behind	5 high	Apache-2.0 AND BSD-2-Clause AND CC0-1.0 AND ISC AND MIT
minimatch npm	Transitive	9.0.5	10.2.5	36 behind	3 high	ISC
minimatch npm	Transitive	9.0.5	10.2.5	36 behind	3 high	ISC
h3 npm	Transitive	1.15.4	2.0.1-rc.22	34 behind	5 high	MIT
vite npm	Transitive	7.3.1	8.0.16	33 behind	1 high	BSD-2-Clause AND CC0-1.0 AND ISC AND MIT
fast-xml-parser npm	Transitive	5.4.2	5.8.0	21 behind	3 high	MIT
undici npm	Transitive	7.22.0	8.3.0	21 behind	6 high	MIT
tar npm	Transitive	7.5.1	7.5.16	15 behind	7 high	ISC
glob npm	Transitive	10.4.5	13.0.6	13 behind	1 high	ISC
glob npm	Transitive	10.4.5	13.0.6	13 behind	1 high	ISC
@hono/node-server npm	Transitive	1.19.9	2.0.4	12 behind	2 high	MIT
express-rate-limit npm	Transitive	8.2.1	8.5.2	11 behind	1 high	MIT
fast-xml-builder npm	Transitive	1.0.0	1.2.0	11 behind	1 high	MIT
picomatch npm	Transitive	2.3.1	4.0.4	9 behind	2 high	MIT
picomatch npm	Transitive	2.3.1	4.0.4	9 behind	2 high	MIT
validator npm	Transitive	13.12.0	13.15.35	7 behind	2 high	MIT
flatted npm	Transitive	3.3.2	3.4.2	5 behind	2 high	ISC AND MIT
lodash-es npm	Transitive	4.17.21	4.18.1	4 behind	3 high	CC0-1.0 AND MIT
path-to-regexp npm	Transitive	8.3.0	8.4.2	4 behind	2 high	MIT
defu npm	Transitive	6.1.4	6.1.7	3 behind	1 high	MIT
fast-uri npm	Transitive	3.0.6	3.1.2	3 behind	2 high	BSD-3-Clause
lodash npm	Direct	4.17.23	4.18.1	2 behind	2 high	CC0-1.0 AND MIT
lodash npm	Transitive	4.17.23	4.18.1	2 behind	2 high	CC0-1.0 AND MIT
@isaacs/brace-expansion npm	Transitive	5.0.0	5.0.1	1 behind	1 high	MIT
@isaacs/brace-expansion npm	Transitive	5.0.0	5.0.1	1 behind	1 high	MIT
@orval/mock npm	Transitive	7.2.0	—	—	1 high	MIT
astro npm	Transitive	5.5.5	—	—	12 high	MIT
devalue npm	Transitive	5.3.2	—	—	6 high	MIT
github.com/buger/jsonparser golang	Transitive	v1.1.1	—	—	1 high	MIT
github.com/go-jose/go-jose/v4 golang	Transitive	v4.1.3	—	—	1 high	Apache-2.0
hono npm	Transitive	4.12.1	—	—	13 high	MIT
jsonpath-plus npm	Transitive	10.2.0	—	—	1 high	MIT
linkifyjs npm	Transitive	4.2.0	—	—	1 high	MIT
next npm	Direct	16.1.6	—	—	6 high	MIT
rollup npm	Transitive	4.50.0	—	—	1 high	0BSD AND ISC AND MIT
postcss npm	Transitive	8.4.31	8.5.15	34 behind	1 medium	MIT
postcss npm	Transitive	8.4.31	8.5.15	34 behind	1 medium	MIT
@babel/runtime npm	Transitive	7.26.0	7.29.7	30 behind	1 medium	MIT
esbuild npm	Transitive	0.24.2	0.28.0	22 behind	1 medium	MIT
dompurify npm	Transitive	3.2.6	3.4.8	15 behind	9 medium	Apache-2.0 OR MPL-2.0
brace-expansion npm	Transitive	2.0.2	5.0.6	11 behind	1 medium	MIT
yaml npm	Transitive	2.8.2	2.9.0	6 behind	1 medium	ISC
js-yaml npm	Transitive	3.14.1	4.2.0	5 behind	1 medium	MIT
ajv npm	Transitive	8.17.1	8.20.0	4 behind	1 medium	MIT
ajv npm	Transitive	8.17.1	8.20.0	4 behind	1 medium	MIT
ip-address npm	Transitive	10.0.1	10.2.0	3 behind	1 medium	MIT
ip-address npm	Transitive	10.0.1	10.2.0	3 behind	1 medium	MIT
uuid npm	Transitive	11.1.0	14.0.0	3 behind	1 medium	MIT
markdown-it npm	Transitive	14.1.0	14.2.0	2 behind	1 medium	MIT
mdast-util-to-hast npm	Transitive	13.2.0	13.2.1	1 behind	1 medium	MIT
mdast-util-to-hast npm	Transitive	13.2.0	13.2.1	1 behind	1 medium	MIT
pytest pypi	Direct	9.0.2	9.0.3	1 behind	1 medium	MIT
python-dotenv pypi	Direct	1.2.1	1.2.2	1 behind	1 medium	BSD-3-Clause
golang.org/x/image golang	Transitive	v0.26.0	—	—	3 medium	BSD-3-Clause AND LicenseRef-scancode-google-patent-license-golang
smol-toml npm	Transitive	1.4.2	—	—	1 medium	BSD-3-Clause
brace-expansion npm	Transitive	2.0.1	5.0.6	16 behind	1 low	MIT
diff npm	Transitive	5.2.0	9.0.0	15 behind	1 low	BSD-3-Clause
pygments pypi	Direct	2.19.2	2.20.0	1 behind	1 low	BSD-2-Clause
github.com/disintegration/imaging golang	Direct	v1.6.2	—	—	1 low	MIT
github.com/jackc/pgx/v5 golang	Direct	v5.9.0	—	—	1 low	Unknown
golang.org/x/net golang	Direct	v0.52.0	—	—	1 unknown	BSD-3-Clause AND LicenseRef-scancode-google-patent-license-golang

License Breakdown

MIT 2080

Apache-2.0 191

ISC 142

BSD-3-Clause 65

Unknown 38

MPL-2.0 28

BSD-2-Clause 23

BSD-2-Clause AND LGPL-2.0-only AND LGPL-2.1-only AND LGPL-3.0-only AND LGPL-3.0-or-later AND LicenseRef-scancode-other-permissive AND MIT AND MPL-2.0 20

BSD-3-Clause AND LicenseRef-scancode-google-patent-license-golang 12

BlueOak-1.0.0 11

Apache-2.0 AND BSD-3-Clause 9

Apache-2.0 AND MIT 8

CC0-1.0 AND MIT 8

LGPL-3.0-or-later 8

Apache-2.0 AND BSD-2-Clause AND LGPL-2.0-only AND LGPL-2.1-only AND LGPL-3.0-only AND LGPL-3.0-or-later AND LicenseRef-scancode-other-permissive AND MIT AND MPL-2.0 6

ISC AND MIT 6

MIT-0 6

0BSD 5

BSD-3-Clause AND MIT 4

BSD-2-Clause AND BSD-3-Clause 3

CC-BY-4.0 3

0BSD AND ISC AND MIT 2

Apache-2.0 AND BSD-2-Clause 2

Apache-2.0 AND BSD-2-Clause AND CC0-1.0 AND ISC AND MIT 2

Apache-2.0 AND LGPL-3.0-or-later 2

BSD-3-Clause AND ISC AND MIT 2

CC0-1.0 2

MIT AND MIT-0 2

Python-2.0 2

Unlicense 2

(MPL-2.0 OR Apache-2.0) 1

Apache-2.0 AND BSD-3-Clause AND MIT 1

Apache-2.0 AND ISC 1

Apache-2.0 AND LGPL-3.0-or-later AND MIT 1

Apache-2.0 AND LicenseRef-scancode-unknown-license-reference 1

Apache-2.0 OR MPL-2.0 1

BSD-2-Clause AND BSD-2-Clause-Views 1

BSD-2-Clause AND CC0-1.0 AND ISC AND MIT 1

BSD-2-Clause AND JSON 1

BSD-3-Clause AND LicenseRef-scancode-generic-cla AND MIT 1

BSD-3-Clause AND LicenseRef-scancode-public-domain AND LicenseRef-scancode-unknown-license-reference 1

CC0-1.0 AND Unlicense 1

ISC AND MPL-2.0 1

Python-2.0 AND GPL-1.0-or-later AND Python-2.0 AND BSD-3-Clause AND Python-2.0 AND BSD-3-Clause AND 0BSD 1

CVE Severity

critical 1

high 35

medium 20

low 5

unknown 1