Dependency Analysis
ydb
Direct and transitive dependency freshness, license, and CVE exposure from the latest SBOM.
55%
Freshness
159
Dependencies
62
Outdated
0
Stale
15.9
Avg Behind
Dependency List
Latest release 25.3.1.25
| Dependency | Type | Current | Latest | Behind | CVE | License |
|---|---|---|---|---|---|---|
|
virtualenv
pypi
|
Direct | 20.23.0 | 21.4.2 | 60 behind | 2 high | MIT |
|
black
pypi
|
Direct | 23.3.0 | 26.5.1 | 28 behind | 2 high | MIT |
|
urllib3
pypi
|
Direct | 2.0.2 | 2.7.0 | 23 behind | 7 high | MIT |
|
certifi
pypi
|
Direct | 2023.5.7 | 2026.5.20 | 19 behind | 2 high | MPL-2.0 |
|
gunicorn
pypi
|
Direct | 21.2.0 | 26.0.0 | 13 behind | 2 high | MIT |
|
com.google.protobuf:protobuf-java
maven
|
Direct | 3.21.7 | — | — | 1 high | BSD-3-Clause |
|
com.google.protobuf:protobuf-java
maven
|
Direct | 3.21.1 | — | — | 3 high | BSD-3-Clause |
|
com.google.protobuf:protobuf-javalite
maven
|
Direct | 3.21.7 | — | — | 1 high | BSD-3-Clause |
|
filelock
pypi
|
Direct | 3.12.0 | 3.29.1 | 40 behind | 2 medium | Unlicense |
|
pytest
pypi
|
Direct | 7.3.1 | 9.0.3 | 30 behind | 1 medium | MIT |
|
zipp
pypi
|
Direct | 3.15.0 | 4.1.0 | 19 behind | 1 medium | MIT |
|
requests
pypi
|
Direct | 2.31.0 | 2.34.2 | 12 behind | 3 medium | Apache-2.0 |
|
jinja2
pypi
|
Direct | 3.1.2 | 3.1.6 | 4 behind | 5 medium | BSD-2-Clause AND BSD-3-Clause |
|
idna
pypi
|
Direct | 3.4 | 3.18.0 | — | 1 medium | BSD-2-Clause AND BSD-3-Clause |
|
pygments
pypi
|
Direct | 2.15.1 | 2.20.0 | 10 behind | 1 low | BSD-2-Clause |
|
flask
pypi
|
Direct | 2.3.3 | 3.1.3 | 8 behind | 1 low | BSD-2-Clause AND BSD-3-Clause |
|
ruff
pypi
|
Direct | 0.0.270 | 0.15.15 | 164 behind | — | MIT |
|
yandexcloud
pypi
|
Direct | 0.244.0 | 0.393.0 | 149 behind | — | MIT |
|
coverage
pypi
|
Direct | 7.2.7 | 7.14.1 | 59 behind | — | Apache-2.0 |
|
sphinx
pypi
|
Direct | 6.2.1 | 9.1.0 | 56 behind | — | BSD-2-Clause AND BSD-3-Clause |
|
platformdirs
pypi
|
Direct | 3.5.1 | 4.10.0 | 37 behind | — | MIT |
|
mypy
pypi
|
Direct | 1.3.0 | 2.1.0 | 34 behind | — | MIT |
|
rich
pypi
|
Direct | 13.3.5 | 15.0.0 | 26 behind | — | MIT |
|
typing-extensions
pypi
|
Direct | 4.6.2 | 4.15.0 | 26 behind | — | Python-2.0 |
|
importlib-metadata
pypi
|
Direct | 6.6.0 | 9.0.0 | 23 behind | — | Apache-2.0 |
|
docutils
pypi
|
Direct | 0.18.1 | 0.23.0 | 22 behind | — | BSD-2-Clause |
|
argcomplete
pypi
|
Direct | 3.0.8 | 3.6.3 | 21 behind | — | Apache-2.0 |
|
sphinx-rtd-theme
pypi
|
Direct | 1.2.1 | 3.1.0 | 21 behind | — | MIT |
|
keyring
pypi
|
Direct | 23.13.1 | 25.7.0 | 18 behind | — | MIT |
|
build
pypi
|
Direct | 0.10.0 | 1.5.0 | 15 behind | — | MIT |
|
click
pypi
|
Direct | 8.1.3 | 8.4.1 | 14 behind | — | BSD-2-Clause AND BSD-3-Clause |
|
more-itertools
pypi
|
Direct | 9.1.0 | 11.1.0 | 13 behind | — | MIT |
|
charset-normalizer
pypi
|
Direct | 3.1.0 | 3.4.7 | 12 behind | — | MIT |
|
check-sdist
pypi
|
Direct | 0.1.2 | 1.4.0 | 10 behind | — | BSD-2-Clause AND BSD-3-Clause |
|
nox
pypi
|
Direct | 2023.4.22 | 2026.4.10 | 10 behind | — | Apache-2.0 |
|
pathspec
pypi
|
Direct | 0.11.1 | 1.1.1 | 10 behind | — | MPL-2.0 |
|
pkginfo
pypi
|
Direct | 1.9.6 | 1.12.1.2 | 9 behind | — | MIT |
|
pytest-cov
pypi
|
Direct | 4.1.0 | 7.1.0 | 9 behind | — | MIT |
|
babel
pypi
|
Direct | 2.12.1 | 2.18.0 | 7 behind | — | BSD-2-Clause AND BSD-3-Clause |
|
exceptiongroup
pypi
|
Direct | 1.1.1 | 1.3.1 | 7 behind | — | MIT |
|
markupsafe
pypi
|
Direct | 2.1.2 | 3.0.3 | 7 behind | — | BSD-2-Clause AND BSD-3-Clause |
|
pytest-benchmark
pypi
|
Direct | 4.0.0 | 5.2.3 | 7 behind | — | BSD-2-Clause |
|
pytest-randomly
pypi
|
Direct | 3.12.0 | 4.1.0 | 7 behind | — | MIT |
|
twine
pypi
|
Direct | 4.0.2 | 6.2.0 | 7 behind | — | Apache-2.0 |
|
execnet
pypi
|
Direct | 1.9.0 | 2.1.2 | 6 behind | — | MIT |
|
pluggy
pypi
|
Direct | 1.0.0 | 1.6.0 | 6 behind | — | MIT |
|
pytest-xdist
pypi
|
Direct | 3.3.1 | 3.8.0 | 6 behind | — | MIT |
|
sphinxcontrib-htmlhelp
pypi
|
Direct | 2.0.1 | 2.1.0 | 6 behind | — | BSD-2-Clause |
|
sphinxcontrib-qthelp
pypi
|
Direct | 1.0.3 | 2.0.0 | 6 behind | — | BSD-2-Clause |
|
sphinxcontrib-serializinghtml
pypi
|
Direct | 1.1.5 | 2.0.0 | 6 behind | — | BSD-2-Clause |
|
tomli
pypi
|
Direct | 2.0.1 | 2.4.1 | 6 behind | — | MIT |
|
distlib
pypi
|
Direct | 0.3.6 | 0.4.1 | 5 behind | — | Python-2.0.1 |
|
snowballstemmer
pypi
|
Direct | 2.2.0 | 3.1.1 | 5 behind | — | BSD-2-Clause AND BSD-3-Clause |
|
sphinxcontrib-applehelp
pypi
|
Direct | 1.0.4 | 2.0.0 | 5 behind | — | BSD-2-Clause |
|
sphinxcontrib-devhelp
pypi
|
Direct | 1.0.2 | 2.0.0 | 5 behind | — | BSD-2-Clause |
|
alabaster
pypi
|
Direct | 0.7.13 | 1.0.0 | 4 behind | — | BSD-2-Clause AND BSD-3-Clause |
|
colorlog
pypi
|
Direct | 6.7.0 | 6.10.1 | 4 behind | — | MIT |
|
markdown-it-py
pypi
|
Direct | 2.2.0 | 4.2.0 | 4 behind | — | MIT |
|
bleach
pypi
|
Direct | 6.0.0 | 6.3.0 | 3 behind | — | Apache-2.0 |
|
iniconfig
pypi
|
Direct | 2.0.0 | 2.3.0 | 3 behind | — | MIT |
|
jaraco-classes
pypi
|
Direct | 3.2.3 | 3.4.0 | 3 behind | — | MIT |
|
pyenchant
pypi
|
Direct | 3.2.2 | 3.3.0 | 3 behind | — | GPL-3.0-or-later AND LGPL-2.1-or-later |
|
pyyaml
pypi
|
Direct | 6.0.1 | 6.0.3 | 3 behind | — | MIT |
|
imagesize
pypi
|
Direct | 1.4.1 | 2.0.0 | 2 behind | — | MIT |
|
pyproject-hooks
pypi
|
Direct | 1.0.0 | 1.2.0 | 2 behind | — | MIT |
|
sphinxcontrib-spelling
pypi
|
Direct | 8.0.0 | 8.0.2 | 2 behind | — | BSD-2-Clause AND BSD-3-Clause |
|
mypy-extensions
pypi
|
Direct | 1.0.0 | 1.1.0 | 1 behind | — | MIT |
|
six
pypi
|
Direct | 1.16.0 | 1.17.0 | 1 behind | — | MIT |
|
@jsxtools/resize-observer
npm
|
Direct | ^1.0.4 | 1.0.4 | — | — | Unknown |
|
actions/checkout
githubactions
|
Direct | 5.*.* | — | — | — | Unknown |
|
actions/checkout
githubactions
|
Direct | 4.*.* | — | — | — | Unknown |
|
actions/download-artifact
githubactions
|
Direct | 4.*.* | — | — | — | Unknown |
|
actions/github-script
githubactions
|
Direct | 7.*.* | — | — | — | Unknown |
|
actions/setup-python
githubactions
|
Direct | 4.*.* | — | — | — | Unknown |
|
actions/upload-artifact
githubactions
|
Direct | 6.*.* | — | — | — | Unknown |
|
actions/upload-artifact
githubactions
|
Direct | 4.*.* | — | — | — | Unknown |
|
com.google.api.grpc:proto-google-common-protos
maven
|
Direct | 2.9.0 | — | — | — | Apache-2.0 |
|
com.google.code.findbugs:jsr305
maven
|
Direct | 3.0.2 | — | — | — | BSD-3-Clause |
|
com.google.code.findbugs:jsr305
|
Direct | — | — | — | — | Unknown |
|
com.google.errorprone:error_prone_annotations
maven
|
Direct | 2.14.0 | — | — | — | Apache-2.0 |
|
com.google.errorprone:error_prone_annotations
|
Direct | — | — | — | — | Unknown |
|
com.google.guava:failureaccess
maven
|
Direct | 1.0.1 | — | — | — | Apache-2.0 |
|
com.google.guava:guava
|
Direct | — | — | — | — | Unknown |
|
com.google.guava:guava
maven
|
Direct | 31.1-android | — | — | — | Apache-2.0 |
|
com.google.guava:listenablefuture
maven
|
Direct | 9999.0-empty-to-avoid-conflict-with-guava | — | — | — | Apache-2.0 |
|
com.google.j2objc:j2objc-annotations
|
Direct | — | — | — | — | Unknown |
|
com.google.truth:truth
|
Direct | — | — | — | — | Unknown |
|
diplodoc-platform/docs-build-action
githubactions
|
Direct | 3.*.* | — | — | — | Unknown |
|
diplodoc-platform/docs-message-action
githubactions
|
Direct | 1.*.* | — | — | — | Unknown |
|
diplodoc-platform/docs-release-action
githubactions
|
Direct | 2.*.* | — | — | — | Unknown |
|
diplodoc-platform/docs-upload-action
githubactions
|
Direct | 1.*.* | — | — | — | Unknown |
|
docker/build-push-action
githubactions
|
Direct | 4.*.* | — | — | — | Unknown |
|
docker/login-action
githubactions
|
Direct | 65b78e6e13532edd9afa3aa52ac7964289d1a9c1 | — | — | — | Unknown |
|
docker/metadata-action
githubactions
|
Direct | 4.*.* | — | — | — | Unknown |
|
docker/setup-buildx-action
githubactions
|
Direct | 2.*.* | — | — | — | Unknown |
|
eslint
npm
|
Direct | ^6.8.0 | 10.4.1 | — | — | Unknown |
|
eslint-config-prettier
npm
|
Direct | ^6.10.1 | 10.1.8 | — | — | Unknown |
|
fuzzywuzzy
|
Direct | — | — | — | — | Unknown |
|
github.com/mmcloughlin/avo
golang
|
Direct | 0.6.0 | — | — | — | BSD-3-Clause |
|
golang.org/x/mod
golang
|
Direct | 0.20.0 | — | — | — | BSD-3-Clause AND LicenseRef-scancode-google-patent-license-golang |
|
golang.org/x/mod
golang
|
Direct | 0.14.0 | — | — | — | BSD-3-Clause AND LicenseRef-scancode-google-patent-license-golang |
|
golang.org/x/mod
golang
|
Direct | 0.19.0 | — | — | — | BSD-3-Clause AND LicenseRef-scancode-google-patent-license-golang |
|
golang.org/x/sync
golang
|
Direct | 0.8.0 | — | — | — | BSD-3-Clause AND LicenseRef-scancode-google-patent-license-golang |
|
golang.org/x/sync
golang
|
Direct | 0.7.0 | — | — | — | BSD-3-Clause AND LicenseRef-scancode-google-patent-license-golang |
|
golang.org/x/tools
golang
|
Direct | 0.24.0 | — | — | — | BSD-3-Clause AND LicenseRef-scancode-google-patent-license-golang |
|
golang.org/x/tools
golang
|
Direct | 0.16.1 | — | — | — | BSD-3-Clause AND LicenseRef-scancode-google-patent-license-golang |
|
golang.org/x/tools
golang
|
Direct | 0.23.0 | — | — | — | BSD-3-Clause AND LicenseRef-scancode-google-patent-license-golang |
|
grpcio
|
Direct | >= 1.5.0 | — | — | — | Unknown |
|
io.grpc:grpc-api
maven
|
Direct | 1.51.0 | — | — | — | Apache-2.0 |
|
io.grpc:grpc-context
maven
|
Direct | 1.51.0 | — | — | — | Apache-2.0 |
|
io.grpc:grpc-protobuf-lite
maven
|
Direct | 1.51.0 | — | — | — | Apache-2.0 |
|
jdk:srczip
maven
|
Direct | 999 | — | — | — | Unknown |
|
junit:junit
|
Direct | — | — | — | — | Unknown |
|
korthout/backport-action
githubactions
|
Direct | 3.*.* | — | — | — | Unknown |
|
mdurl
pypi
|
Direct | 0.1.2 | 0.1.2 | Current | — | MIT |
|
org.apache.felix:maven-bundle-plugin
|
Direct | — | — | — | — | Unknown |
|
org.apache.felix:maven-bundle-plugin
maven
|
Direct | 2.4.0 | — | — | — | Apache-2.0 |
|
org.apache.felix:maven-bundle-plugin
maven
|
Direct | 2.5.0 | — | — | — | Apache-2.0 |
|
org.apache.felix:maven-bundle-plugin
maven
|
Direct | 1.4.3 | — | — | — | Apache-2.0 |
|
org.apache.maven.plugins:maven-compiler-plugin
|
Direct | — | — | — | — | Unknown |
|
org.apache.maven.plugins:maven-compiler-plugin
maven
|
Direct | 3.0 | — | — | — | Apache-2.0 |
|
org.apache.maven.plugins:maven-gpg-plugin
maven
|
Direct | 1.5 | — | — | — | Apache-2.0 |
|
org.apache.maven.plugins:maven-gpg-plugin
maven
|
Direct | 1.6 | — | — | — | Apache-2.0 |
|
org.apache.maven.plugins:maven-jar-plugin
maven
|
Direct | 2.4 | — | — | — | Apache-2.0 |
|
org.apache.maven.plugins:maven-javadoc-plugin
maven
|
Direct | 2.9.1 | — | — | — | Apache-2.0 |
|
org.apache.maven.plugins:maven-javadoc-plugin
maven
|
Direct | 2.10.3 | — | — | — | Apache-2.0 |
|
org.apache.maven.plugins:maven-javadoc-plugin
maven
|
Direct | 2.8 | — | — | — | Apache-2.0 |
|
org.apache.maven.plugins:maven-release-plugin
maven
|
Direct | 2.5.3 | — | — | — | Apache-2.0 |
|
org.apache.maven.plugins:maven-remote-resources-plugin
maven
|
Direct | 1.2.1 | — | — | — | Apache-2.0 |
|
org.apache.maven.plugins:maven-site-plugin
maven
|
Direct | 3.1 | — | — | — | Apache-2.0 |
|
org.apache.maven.plugins:maven-source-plugin
maven
|
Direct | 2.4 | — | — | — | Apache-2.0 |
|
org.apache.maven.plugins:maven-source-plugin
maven
|
Direct | 2.1 | — | — | — | Apache-2.0 |
|
org.checkerframework:checker-qual
|
Direct | — | — | — | — | Unknown |
|
org.codehaus.mojo:animal-sniffer-maven-plugin
|
Direct | — | — | — | — | Unknown |
|
org.codehaus.mojo:build-helper-maven-plugin
|
Direct | — | — | — | — | Unknown |
|
org.codehaus.mojo:findbugs-maven-plugin
maven
|
Direct | 2.3.1 | — | — | — | Apache-2.0 |
|
org.glassfish.build:spec-version-maven-plugin
maven
|
Direct | 1.2 | — | — | — | CDDL-1.0 OR GPL-2.0-only WITH Classpath-exception-2.0 |
|
org.mockito:mockito-core
|
Direct | — | — | — | — | Unknown |
|
org.sonatype.plugins:nexus-staging-maven-plugin
maven
|
Direct | 1.6.3 | — | — | — | Unknown |
|
packaging
pypi
|
Direct | 23.1 | 26.2.0 | — | — | Apache-2.0 AND BSD-2-Clause |
|
packaging
|
Direct | — | — | — | — | Unknown |
|
peter-evans/create-pull-request
githubactions
|
Direct | 5.*.* | — | — | — | Unknown |
|
pretend
pypi
|
Direct | 1.0.9 | 1.0.9 | Current | — | BSD-2-Clause AND BSD-3-Clause |
|
prettier
npm
|
Direct | ^2.0.2 | 3.8.3 | — | — | Unknown |
|
protobuf
|
Direct | >= 3.13.0 | — | — | — | Unknown |
|
py-cpuinfo
pypi
|
Direct | 9.0.0 | 9.0.0 | Current | — | MIT |
|
pygithub
|
Direct | — | — | — | — | Unknown |
|
pypa/gh-action-pypi-publish
githubactions
|
Direct | release/v1.8 | — | — | — | Unknown |
|
python-levenshtein
|
Direct | — | — | — | — | Unknown |
|
readme-renderer
pypi
|
Direct | 37.3 | 44.0.0 | — | — | Apache-2.0 |
|
requests-toolbelt
pypi
|
Direct | 1.0.0 | 1.0.0 | Current | — | Apache-2.0 |
|
rfc3986
pypi
|
Direct | 2.0.0 | 2.0.0 | Current | — | Apache-2.0 |
|
s3-actions/s3cmd
githubactions
|
Direct | 1.6.1 | — | — | — | Unknown |
|
sphinxcontrib-jquery
pypi
|
Direct | 4.1 | 4.1.0 | — | — | 0BSD AND BSD-2-Clause AND BSD-3-Clause |
|
sphinxcontrib-jsmath
pypi
|
Direct | 1.0.1 | 1.0.1 | Current | — | BSD-2-Clause |
|
webencodings
pypi
|
Direct | 0.5.1 | 0.5.1 | Current | — | BSD-2-Clause |
|
ydb-platform/ydb-slo-action/init
githubactions
|
Direct | main | — | — | — | Unknown |
|
ydb-platform/ydb-slo-action/report
githubactions
|
Direct | main | — | — | — | Unknown |
License Breakdown
Unknown
45
MIT
35
Apache-2.0
34
BSD-2-Clause AND BSD-3-Clause
12
BSD-2-Clause
10
BSD-3-Clause AND LicenseRef-scancode-google-patent-license-golang
8
BSD-3-Clause
5
MPL-2.0
2
0BSD AND BSD-2-Clause AND BSD-3-Clause
1
Apache-2.0 AND BSD-2-Clause
1
CDDL-1.0 OR GPL-2.0-only WITH Classpath-exception-2.0
1
GPL-3.0-or-later AND LGPL-2.1-or-later
1
Python-2.0
1
Python-2.0.1
1
Unlicense
1
CVE Severity
critical
0
high
8
medium
6
low
2
unknown
0