swingmusic

Direct and transitive dependency freshness, license, and CVE exposure from the latest SBOM.

86% Freshness

124 Dependencies

2 Outdated

0 Stale

0.2 Avg Behind

Dependency List

Latest release v2.1.4

Dependency	Type	Current	Latest	Behind	CVE	License
granian pypi	Direct	2.7.3	2.7.5	2 behind	2 high	Unknown
locust pypi	Direct	2.43.4	2.44.1	20 behind	—	Unknown
requests pypi	Direct	2.33.1	2.34.2	4 behind	—	Apache-2.0
click pypi	Transitive	8.3.2	8.4.1	3 behind	—	BSD-3-Clause
backports-zstd pypi	Transitive	1.3.0	1.5.0	2 behind	—	Unknown
certifi pypi	Transitive	2026.2.25	2026.5.20	2 behind	—	MPL-2.0
cryptography pypi	Direct	46.0.7	48.0.0	2 behind	—	BSD-3-Clause OR Apache-2.0
gevent pypi	Transitive	25.9.1	26.5.0	2 behind	—	MIT AND Python-2.0
greenlet pypi	Transitive	3.4.0	3.5.1	2 behind	—	Unknown
pydantic-core pypi	Transitive	2.46.3	2.47.0	2 behind	—	Unknown
sqlalchemy pypi	Direct	2.0.49	2.0.50	2 behind	—	MIT
pydantic pypi	Transitive	2.13.3	2.13.4	1 behind	—	MIT
pyjwt pypi	Transitive	2.12.1	2.13.0	1 behind	—	MIT
python-engineio pypi	Transitive	4.13.1	4.13.2	1 behind	—	Unknown
python-socketio pypi	Transitive	5.16.1	5.16.2	1 behind	—	Unknown
urllib3 pypi	Transitive	2.6.3	2.7.0	1 behind	—	MIT
xxhash pypi	Direct	3.6.0	3.7.0	1 behind	—	BSD-2-Clause AND BSD-3-Clause

Unknown 52

MIT 32

BSD-3-Clause 10

Apache-2.0 5

BSD-2-Clause AND BSD-3-Clause 5

MPL-2.0 2

Apache-2.0 AND BSD-2-Clause 1

Apache-2.0 AND BSD-3-Clause AND LicenseRef-scancode-unknown-license-reference 1

Apache-2.0 AND Python-2.0 1

BSD-2-Clause 1

BSD-3-Clause AND GPL-2.0 AND GPL-2.0-only AND GPL-2.0-or-later AND GPL-3.0-only 1

BSD-3-Clause OR Apache-2.0 1

GPL-1.0-or-later AND MIT 1

GPL-3.0-or-later AND LGPL-2.0-only 1

GPL-3.0-or-later AND LGPL-2.1-only 1

MIT AND MIT-0 1

MIT AND MPL-2.0 1

MIT AND Python-2.0 1

MIT-0 1

MIT-CMU 1

PSF-2.0 1

Python-2.0 AND GPL-1.0-or-later AND Python-2.0 AND BSD-3-Clause AND Python-2.0 AND BSD-3-Clause AND 0BSD 1

ZPL-2.1 1

critical 0

high 1

medium 0

low 0

unknown 0