advisories

4,999 rows

View and edit SQL

This data as json, CSV (advanced)

Suggested facets: platform, package_manager, advisory_type, supported_until, supported_until (date), eol_from (date), dep_types (array)

Link rowid ▼ platform organisation repo package_name version current_version package_manager package_file_path dep_types level advisory_type description supported_until eol_from
1 1 github DDDEastMidlandsLimited dddem-web @babel/plugin-proposal-class-properties ^7.18.6 7.18.6 npm package.json ["devDependencies"] ERROR DEPRECATED Package is deprecated, according to package manager metadata    
2 2 github DDDEastMidlandsLimited dddem-web node 20 v20.19.2 nvm .nvmrc [] ERROR DEPRECATED nodejs 20 has been unsupported (usually only receiving critical security fixes) for 240 days 2024-10-22 2026-04-30
3 3 github IndiePass indiepass-android gradle 8.7 8.7 gradle-wrapper gradle/wrapper/gradle-wrapper.properties [] ERROR DEPRECATED gradle 8 is marked as unsupported (usually only receiving critical security fixes)    
4 4 github PaddleHQ paddle-js-wrapper eslint ^8.0.1 8.57.1 npm package.json ["devDependencies"] ERROR DEPRECATED Package is deprecated, according to package manager metadata    
5 5 github PaddleHQ paddle-js-wrapper rollup-plugin-babel ^4.4.0 4.4.0 npm package.json ["devDependencies"] ERROR DEPRECATED Package is deprecated, according to package manager metadata    
6 6 github PaddleHQ paddle-nextjs-starter-kit node 20 v20.19.2 nvm .nvmrc [] ERROR DEPRECATED nodejs 20 has been unsupported (usually only receiving critical security fixes) for 240 days 2024-10-22 2026-04-30
7 7 github PaddleHQ paddle-nextjs-starter-kit node >=20 v24.2.0 npm package.json ["engines"] ERROR DEPRECATED nodejs 24 is marked as unsupported (usually only receiving critical security fixes) 2026-10-20 2028-04-30
8 8 github PaddleHQ paddle-node-sdk eslint-config-standard-with-typescript ^43.0.1 43.0.1 npm package.json ["devDependencies"] ERROR DEPRECATED Package is deprecated, according to package manager metadata    
9 9 github PaddleHQ paddle-node-sdk node >=18 v24.2.0 npm package.json ["engines"] ERROR DEPRECATED nodejs 24 is marked as unsupported (usually only receiving critical security fixes) 2026-10-20 2028-04-30
10 10 github alphagov pay-selfservice node 22.16.0 22.16.0 nvm .nvmrc [] ERROR DEPRECATED nodejs 22 is marked as unsupported (usually only receiving critical security fixes) 2025-10-21 2027-04-30
11 11 github alphagov pay-selfservice node 22.16.0-alpine3.21 22.16.0-alpine3.21 dockerfile Dockerfile ["final"] ERROR DEPRECATED nodejs 22 is marked as unsupported (usually only receiving critical security fixes) 2025-10-21 2027-04-30
12 12 github alphagov pay-selfservice node ^22.16.0 v22.16.0 npm package.json ["engines"] ERROR DEPRECATED nodejs 22 is marked as unsupported (usually only receiving critical security fixes) 2025-10-21 2027-04-30
13 13 github alphagov pay-selfservice sinon ^15.2.0 15.2.0 npm package.json ["devDependencies"] ERROR DEPRECATED Package is deprecated, according to package manager metadata    
14 14 github architect architect node >=16 v24.2.0 npm package.json ["engines"] ERROR DEPRECATED nodejs 24 is marked as unsupported (usually only receiving critical security fixes) 2026-10-20 2028-04-30
15 15 github clever microplane github.com/xanzy/go-gitlab v0.115.0 v0.115.0 gomod go.mod ["require"] ERROR DEPRECATED Package is deprecated, according to package manager metadata    
16 16 github cli cli github.com/go-chi/chi v4.1.2+incompatible v4.1.2+incompatible gomod go.mod ["indirect"] ERROR DEPRECATED Package is deprecated, according to package manager metadata    
17 17 github cli cli github.com/pkg/errors v0.9.1 v0.9.1 gomod go.mod ["indirect"] ERROR DEPRECATED pkg/errors is no longer necessary, as functionality exists in the Go standard library, or in better packages    
18 18 github cloud-custodian cloud-custodian github.com/pkg/errors v0.9.1 v0.9.1 gomod tools/cask/go.mod ["indirect"] ERROR DEPRECATED pkg/errors is no longer necessary, as functionality exists in the Go standard library, or in better packages    
19 19 github cloud-custodian cloud-custodian python <4.0.0,>=3.9.2 3.13.5 pep621 pyproject.toml ["requires-python"] ERROR DEPRECATED python 3.13 is marked as unsupported (usually only receiving critical security fixes) 2026-10-01 2029-10-31
20 20 github cloud-custodian cloud-custodian python <4.0.0,>=3.9.2 3.13.5 pep621 tools/c7n_awscc/pyproject.toml ["requires-python"] ERROR DEPRECATED python 3.13 is marked as unsupported (usually only receiving critical security fixes) 2026-10-01 2029-10-31
21 21 github cloud-custodian cloud-custodian python <4.0.0,>=3.9.2 3.13.5 pep621 tools/c7n_azure/pyproject.toml ["requires-python"] ERROR DEPRECATED python 3.13 is marked as unsupported (usually only receiving critical security fixes) 2026-10-01 2029-10-31
22 22 github cloud-custodian cloud-custodian python <4.0.0,>=3.9.2 3.13.5 pep621 tools/c7n_gcp/pyproject.toml ["requires-python"] ERROR DEPRECATED python 3.13 is marked as unsupported (usually only receiving critical security fixes) 2026-10-01 2029-10-31
23 23 github cloud-custodian cloud-custodian python <4.0.0,>=3.9.2 3.13.5 pep621 tools/c7n_kube/pyproject.toml ["requires-python"] ERROR DEPRECATED python 3.13 is marked as unsupported (usually only receiving critical security fixes) 2026-10-01 2029-10-31
24 24 github cloud-custodian cloud-custodian python <4.0.0,>=3.9.2 3.13.5 pep621 tools/c7n_left/pyproject.toml ["requires-python"] ERROR DEPRECATED python 3.13 is marked as unsupported (usually only receiving critical security fixes) 2026-10-01 2029-10-31
25 25 github cloud-custodian cloud-custodian python <4.0.0,>=3.9.2 3.13.5 pep621 tools/c7n_mailer/pyproject.toml ["requires-python"] ERROR DEPRECATED python 3.13 is marked as unsupported (usually only receiving critical security fixes) 2026-10-01 2029-10-31
26 26 github cloud-custodian cloud-custodian python <4.0.0,>=3.9.2 3.13.5 pep621 tools/c7n_oci/pyproject.toml ["requires-python"] ERROR DEPRECATED python 3.13 is marked as unsupported (usually only receiving critical security fixes) 2026-10-01 2029-10-31
27 27 github cloud-custodian cloud-custodian python <4.0.0,>=3.9.2 3.13.5 pep621 tools/c7n_openstack/pyproject.toml ["requires-python"] ERROR DEPRECATED python 3.13 is marked as unsupported (usually only receiving critical security fixes) 2026-10-01 2029-10-31
28 28 github cloud-custodian cloud-custodian python <4.0.0,>=3.9.2 3.13.5 pep621 tools/c7n_org/pyproject.toml ["requires-python"] ERROR DEPRECATED python 3.13 is marked as unsupported (usually only receiving critical security fixes) 2026-10-01 2029-10-31
29 29 github cloud-custodian cloud-custodian python <4.0.0,>=3.9.2 3.13.5 pep621 tools/c7n_policystream/pyproject.toml ["requires-python"] ERROR DEPRECATED python 3.13 is marked as unsupported (usually only receiving critical security fixes) 2026-10-01 2029-10-31
30 30 github cloud-custodian cloud-custodian python <4.0.0,>=3.9.2 3.13.5 pep621 tools/c7n_sphinxext/pyproject.toml ["requires-python"] ERROR DEPRECATED python 3.13 is marked as unsupported (usually only receiving critical security fixes) 2026-10-01 2029-10-31
31 31 github cloud-custodian cloud-custodian python <4.0.0,>=3.9.2 3.13.5 pep621 tools/c7n_tencentcloud/pyproject.toml ["requires-python"] ERROR DEPRECATED python 3.13 is marked as unsupported (usually only receiving critical security fixes) 2026-10-01 2029-10-31
32 32 github cloud-custodian cloud-custodian python <4.0.0,>=3.9.2 3.13.5 pep621 tools/c7n_terraform/pyproject.toml ["requires-python"] ERROR DEPRECATED python 3.13 is marked as unsupported (usually only receiving critical security fixes) 2026-10-01 2029-10-31
33 33 github dagger dagger @eslint/js ^10.0.0 10.0.0 npm sdk/typescript/package.json ["devDependencies"] ERROR DEPRECATED Package is deprecated, according to package manager metadata    
34 34 github dagger dagger github.com/golang/protobuf v1.5.3 v1.5.3 gomod docs/current_docs/api/snippets/documentation/go/go.mod ["indirect"] ERROR DEPRECATED Package is deprecated, according to package manager metadata    
35 35 github dagger dagger github.com/golang/protobuf v1.5.4 v1.5.4 gomod go.mod ["indirect"] ERROR DEPRECATED Package is deprecated, according to package manager metadata    
36 36 github dagger dagger github.com/pkg/errors v0.9.1 v0.9.1 gomod .dagger/go.mod ["indirect"] ERROR DEPRECATED pkg/errors is no longer necessary, as functionality exists in the Go standard library, or in better packages    
37 37 github dagger dagger github.com/pkg/errors v0.9.1 v0.9.1 gomod modules/alpine/go.mod ["indirect"] ERROR DEPRECATED pkg/errors is no longer necessary, as functionality exists in the Go standard library, or in better packages    
38 38 github dagger dagger github.com/pkg/errors v0.9.1 v0.9.1 gomod go.mod ["require"] ERROR DEPRECATED pkg/errors is no longer necessary, as functionality exists in the Go standard library, or in better packages    
39 39 github dagger dagger node >=18 v24.2.0 npm sdk/typescript/package.json ["engines"] ERROR DEPRECATED nodejs 24 is marked as unsupported (usually only receiving critical security fixes) 2026-10-20 2028-04-30
40 40 github dagger dagger node >=18.0 v24.2.0 npm docs/package.json ["engines"] ERROR DEPRECATED nodejs 24 is marked as unsupported (usually only receiving critical security fixes) 2026-10-20 2028-04-30
41 41 github dagger dagger python 3.12 3.12 pyenv sdk/python/.python-version [] ERROR DEPRECATED python 3.12 has been unsupported (usually only receiving critical security fixes) for 78 days 2025-04-02 2028-10-31
42 42 github dagger dagger python >= 3.10 3.13.5 pep621 sdk/python/codegen/pyproject.toml ["requires-python"] ERROR DEPRECATED python 3.13 is marked as unsupported (usually only receiving critical security fixes) 2026-10-01 2029-10-31
43 43 github dagger dagger python >=3.10 3.13.5 pep621 sdk/python/pyproject.toml ["requires-python"] ERROR DEPRECATED python 3.13 is marked as unsupported (usually only receiving critical security fixes) 2026-10-01 2029-10-31
44 44 github dagger dagger python >=3.12 3.13.5 pep621 core/integration/testdata/modules/python/extended/pyproject.toml ["requires-python"] ERROR DEPRECATED python 3.13 is marked as unsupported (usually only receiving critical security fixes) 2026-10-01 2029-10-31
45 45 github dagger dagger python >=3.12 3.13.5 pep621 core/integration/testdata/modules/python/git-dep/pyproject.toml ["requires-python"] ERROR DEPRECATED python 3.13 is marked as unsupported (usually only receiving critical security fixes) 2026-10-01 2029-10-31
46 46 github dagger dagger python >=3.12 3.13.5 pep621 core/integration/testdata/modules/python/ifaces/.dagger/pyproject.toml ["requires-python"] ERROR DEPRECATED python 3.13 is marked as unsupported (usually only receiving critical security fixes) 2026-10-01 2029-10-31
47 47 github dagger dagger python >=3.12 3.13.5 pep621 core/integration/testdata/modules/python/ifaces/impl/pyproject.toml ["requires-python"] ERROR DEPRECATED python 3.13 is marked as unsupported (usually only receiving critical security fixes) 2026-10-01 2029-10-31
48 48 github dagger dagger python >=3.12 3.13.5 pep621 core/integration/testdata/modules/python/ifaces/test/pyproject.toml ["requires-python"] ERROR DEPRECATED python 3.13 is marked as unsupported (usually only receiving critical security fixes) 2026-10-01 2029-10-31
49 49 github dagger dagger python >=3.12 3.13.5 pep621 dagql/idtui/viztest/python/pyproject.toml ["requires-python"] ERROR DEPRECATED python 3.13 is marked as unsupported (usually only receiving critical security fixes) 2026-10-01 2029-10-31
50 50 github dagger dagger python >=3.12 3.13.5 pep621 docs/current_docs/api/snippets/modules/testing/python/pyproject.toml ["requires-python"] ERROR DEPRECATED python 3.13 is marked as unsupported (usually only receiving critical security fixes) 2026-10-01 2029-10-31
51 51 github dagger dagger python >=3.12 3.13.5 pep621 docs/current_docs/quickstart/agent/snippets/part1/python/pyproject.toml ["requires-python"] ERROR DEPRECATED python 3.13 is marked as unsupported (usually only receiving critical security fixes) 2026-10-01 2029-10-31
52 52 github dagger dagger python >=3.12 3.13.5 pep621 sdk/python/dev/pyproject.toml ["requires-python"] ERROR DEPRECATED python 3.13 is marked as unsupported (usually only receiving critical security fixes) 2026-10-01 2029-10-31
53 53 github dagger dagger python >=3.12 3.13.5 pep621 sdk/python/runtime/template/pyproject.toml ["requires-python"] ERROR DEPRECATED python 3.13 is marked as unsupported (usually only receiving critical security fixes) 2026-10-01 2029-10-31
54 54 github elastic beats github.com/Azure/azure-event-hubs-go/v3 v3.6.1 v3.6.1 gomod go.mod ["require"] ERROR DEPRECATED Package is deprecated, according to package manager metadata    
55 55 github elastic beats github.com/Azure/go-autorest/autorest v0.11.29 v0.11.29 gomod go.mod ["require"] ERROR DEPRECATED Package is deprecated, according to package manager metadata    
56 56 github elastic beats github.com/Azure/go-autorest/autorest/adal v0.9.24 v0.9.24 gomod go.mod ["indirect"] ERROR DEPRECATED Package is deprecated, according to package manager metadata    
57 57 github elastic beats github.com/Azure/go-autorest/autorest/date v0.3.0 v0.3.0 gomod go.mod ["require"] ERROR DEPRECATED Package is deprecated, according to package manager metadata    
58 58 github elastic beats github.com/Azure/go-autorest/autorest/to v0.4.0 v0.4.0 gomod go.mod ["indirect"] ERROR DEPRECATED Package is deprecated, according to package manager metadata    
59 59 github elastic beats github.com/Azure/go-autorest/autorest/validation v0.3.1 v0.3.1 gomod go.mod ["indirect"] ERROR DEPRECATED Package is deprecated, according to package manager metadata    
60 60 github elastic beats github.com/Azure/go-autorest/logger v0.2.1 v0.2.1 gomod go.mod ["indirect"] ERROR DEPRECATED Package is deprecated, according to package manager metadata    
61 61 github elastic beats github.com/Azure/go-autorest/tracing v0.6.0 v0.6.0 gomod go.mod ["indirect"] ERROR DEPRECATED Package is deprecated, according to package manager metadata    
62 62 github elastic beats github.com/elastic/go-elasticsearch/v8 v8.18.0 v8.18.0 gomod go.mod ["require"] ERROR DEPRECATED Package is deprecated, according to package manager metadata    
63 63 github elastic beats github.com/golang/protobuf v1.5.4 v1.5.4 gomod go.mod ["indirect"] ERROR DEPRECATED Package is deprecated, according to package manager metadata    
64 64 github elastic beats github.com/pkg/errors v0.9.1 v0.9.1 gomod go.mod ["require"] ERROR DEPRECATED pkg/errors is no longer necessary, as functionality exists in the Go standard library, or in better packages    
65 65 github elastic beats go.elastic.co/apm/module/apmelasticsearch/v2 v2.6.3 v2.6.3 gomod go.mod ["require"] ERROR DEPRECATED As noted in https://github.com/elastic/apm-agent-go, Elastic have deprecated the Go APM agent, and are instead recommending the move over to the OpenTelemetry Go SDK, which provides similar functionality, but requires a migration (https://www.elastic.co/blog/elastic-go-apm-agent-to-opentelemetry-go-sdk)    
66 66 github elastic beats go.elastic.co/apm/module/apmhttp/v2 v2.6.3 v2.6.3 gomod go.mod ["require"] ERROR DEPRECATED As noted in https://github.com/elastic/apm-agent-go, Elastic have deprecated the Go APM agent, and are instead recommending the move over to the OpenTelemetry Go SDK, which provides similar functionality, but requires a migration (https://www.elastic.co/blog/elastic-go-apm-agent-to-opentelemetry-go-sdk)    
67 67 github elastic beats go.elastic.co/apm/module/apmzap/v2 v2.7.0 v2.7.0 gomod go.mod ["indirect"] ERROR DEPRECATED As noted in https://github.com/elastic/apm-agent-go, Elastic have deprecated the Go APM agent, and are instead recommending the move over to the OpenTelemetry Go SDK, which provides similar functionality, but requires a migration (https://www.elastic.co/blog/elastic-go-apm-agent-to-opentelemetry-go-sdk)    
68 68 github elastic beats go.elastic.co/apm/v2 v2.7.0 v2.7.0 gomod go.mod ["require"] ERROR DEPRECATED As noted in https://github.com/elastic/apm-agent-go, Elastic have deprecated the Go APM agent, and are instead recommending the move over to the OpenTelemetry Go SDK, which provides similar functionality, but requires a migration (https://www.elastic.co/blog/elastic-go-apm-agent-to-opentelemetry-go-sdk)    
69 69 github elastic beats python 3.9.13 3.9.13 pyenv .python-version [] ERROR DEPRECATED python 3.9 has been unsupported (usually only receiving critical security fixes) for 1129 days 2022-05-17 2025-10-31
70 70 github elastic cloudbeat github.com/Azure/go-autorest/autorest v0.11.29 v0.11.29 gomod go.mod ["indirect"] ERROR DEPRECATED Package is deprecated, according to package manager metadata    
71 71 github elastic cloudbeat github.com/Azure/go-autorest/autorest/adal v0.9.24 v0.9.24 gomod go.mod ["indirect"] ERROR DEPRECATED Package is deprecated, according to package manager metadata    
72 72 github elastic cloudbeat github.com/Azure/go-autorest/autorest/date v0.3.0 v0.3.0 gomod go.mod ["indirect"] ERROR DEPRECATED Package is deprecated, according to package manager metadata    
73 73 github elastic cloudbeat github.com/Azure/go-autorest/logger v0.2.1 v0.2.1 gomod go.mod ["indirect"] ERROR DEPRECATED Package is deprecated, according to package manager metadata    
74 74 github elastic cloudbeat github.com/Azure/go-autorest/tracing v0.6.0 v0.6.0 gomod go.mod ["indirect"] ERROR DEPRECATED Package is deprecated, according to package manager metadata    
75 75 github elastic cloudbeat github.com/dgraph-io/ristretto v1.0.0 v1.0.0 gomod go.mod ["require"] ERROR DEPRECATED Package is deprecated, according to package manager metadata    
76 76 github elastic cloudbeat github.com/go-chi/chi v4.1.2+incompatible v4.1.2+incompatible gomod go.mod ["indirect"] ERROR DEPRECATED Package is deprecated, according to package manager metadata    
77 77 github elastic cloudbeat github.com/golang/protobuf v1.5.4 v1.5.4 gomod go.mod ["indirect"] ERROR DEPRECATED Package is deprecated, according to package manager metadata    
78 78 github elastic cloudbeat github.com/lestrrat-go/jwx v1.2.27 v1.2.27 gomod go.mod ["replace"] ERROR DEPRECATED Package is deprecated, according to package manager metadata    
79 79 github elastic cloudbeat github.com/pkg/errors v0.9.1 v0.9.1 gomod go.mod ["indirect"] ERROR DEPRECATED pkg/errors is no longer necessary, as functionality exists in the Go standard library, or in better packages    
80 80 github elastic cloudbeat go.elastic.co/apm/module/apmelasticsearch/v2 v2.6.3 v2.6.3 gomod go.mod ["indirect"] ERROR DEPRECATED As noted in https://github.com/elastic/apm-agent-go, Elastic have deprecated the Go APM agent, and are instead recommending the move over to the OpenTelemetry Go SDK, which provides similar functionality, but requires a migration (https://www.elastic.co/blog/elastic-go-apm-agent-to-opentelemetry-go-sdk)    
81 81 github elastic cloudbeat go.elastic.co/apm/module/apmhttp/v2 v2.6.3 v2.6.3 gomod go.mod ["indirect"] ERROR DEPRECATED As noted in https://github.com/elastic/apm-agent-go, Elastic have deprecated the Go APM agent, and are instead recommending the move over to the OpenTelemetry Go SDK, which provides similar functionality, but requires a migration (https://www.elastic.co/blog/elastic-go-apm-agent-to-opentelemetry-go-sdk)    
82 82 github elastic cloudbeat go.elastic.co/apm/v2 v2.7.0 v2.7.0 gomod go.mod ["indirect"] ERROR DEPRECATED As noted in https://github.com/elastic/apm-agent-go, Elastic have deprecated the Go APM agent, and are instead recommending the move over to the OpenTelemetry Go SDK, which provides similar functionality, but requires a migration (https://www.elastic.co/blog/elastic-go-apm-agent-to-opentelemetry-go-sdk)    
83 83 github elastic cloudbeat python >=3.11 3.13.5 pep621 security-policies/pyproject.toml ["requires-python"] ERROR DEPRECATED python 3.13 is marked as unsupported (usually only receiving critical security fixes) 2026-10-01 2029-10-31
84 84 github elastic cloudbeat python >=3.9 3.13.5 pep621 tests/pyproject.toml ["requires-python"] ERROR DEPRECATED python 3.13 is marked as unsupported (usually only receiving critical security fixes) 2026-10-01 2029-10-31
85 85 github elastic elasticsearch gradle 8.14.2 8.14.2 gradle-wrapper build-tools-internal/gradle/wrapper/gradle-wrapper.properties [] ERROR DEPRECATED gradle 8 is marked as unsupported (usually only receiving critical security fixes)    
86 86 github elastic elasticsearch gradle 8.14.2 8.14.2 gradle-wrapper gradle/wrapper/gradle-wrapper.properties [] ERROR DEPRECATED gradle 8 is marked as unsupported (usually only receiving critical security fixes)    
87 87 github elastic elasticsearch gradle 8.14.2 8.14.2 gradle-wrapper plugins/examples/gradle/wrapper/gradle-wrapper.properties [] ERROR DEPRECATED gradle 8 is marked as unsupported (usually only receiving critical security fixes)    
88 88 github elastic elasticsearch gradle 8.7 8.7 gradle-wrapper libs/simdvec/native/gradle/wrapper/gradle-wrapper.properties [] ERROR DEPRECATED gradle 8 is marked as unsupported (usually only receiving critical security fixes)    
89 89 github elastic eui @babel/plugin-proposal-class-properties ^7.18.6 7.18.6 npm packages/eui/package.json ["devDependencies"] ERROR DEPRECATED Package is deprecated, according to package manager metadata    
90 90 github elastic eui @babel/plugin-proposal-object-rest-spread ^7.20.7 7.20.7 npm packages/eui/package.json ["devDependencies"] ERROR DEPRECATED Package is deprecated, according to package manager metadata    
91 91 github elastic eui @cypress/react18 ^2.0.0 2.0.0 npm packages/eui/package.json ["devDependencies"] ERROR DEPRECATED Package is deprecated, according to package manager metadata    
92 92 github elastic eui @faker-js/faker ^8.0.2 8.0.2 npm packages/eui/package.json ["devDependencies"] ERROR DEPRECATED Package is deprecated, according to package manager metadata    
93 93 github elastic eui @types/classnames ^2.3.1 2.3.1 npm packages/eui/package.json ["devDependencies"] ERROR DEPRECATED Package is deprecated, according to package manager metadata    
94 94 github elastic eui @types/vfile-message ^2.0.0 2.0.0 npm packages/eui/package.json ["devDependencies"] ERROR DEPRECATED Package is deprecated, according to package manager metadata    
95 95 github elastic eui core-js ^3.6.5 3.6.5 npm packages/eui/package.json ["devDependencies"] ERROR DEPRECATED Package is deprecated, according to package manager metadata    
96 96 github elastic eui eslint ^8.41.0 8.43.0 npm packages/eui-theme-borealis/package.json ["devDependencies"] ERROR DEPRECATED Package is deprecated, according to package manager metadata    
97 97 github elastic eui eslint ^8.41.0 8.43.0 npm packages/eui-theme-common/package.json ["devDependencies"] ERROR DEPRECATED Package is deprecated, according to package manager metadata    
98 98 github elastic eui eslint ^8.41.0 8.43.0 npm packages/eui/package.json ["devDependencies"] ERROR DEPRECATED Package is deprecated, according to package manager metadata    
99 99 github elastic eui eslint ^8.57.0 8.57.1 npm packages/eslint-plugin/package.json ["devDependencies"] ERROR DEPRECATED Package is deprecated, according to package manager metadata    
100 100 github elastic eui glob ^7.1.6 7.2.3 npm packages/eui/package.json ["devDependencies"] ERROR DEPRECATED Package is deprecated, according to package manager metadata    

Next page

Advanced export

JSON shape: default, array, newline-delimited

CSV options: 

CREATE TABLE advisories (
  -- what platform hosts the source code that this Advisory was produced for?
  -- i.e. `github`, `gitlab`, `gitea`, etc
  --
  -- See also: https://dmd.tanna.dev/concepts/repo-key/#platform
  --
  -- Foreign keys:
  -- - `renovate.platform`
  --
  -- TODO: restore SBOM support
  -- https://gitlab.com/tanna.dev/dependency-management-data/-/issues/596
  platform TEXT NOT NULL,
  -- what organisation manages the source code that this Advisory was produced
  -- for? Can include `/` for nested organisations
  --
  -- See also: https://dmd.tanna.dev/concepts/repo-key/#organisation
  --
  -- Foreign keys:
  -- - `renovate.organisation`
  --
  -- TODO: restore SBOM support
  -- https://gitlab.com/tanna.dev/dependency-management-data/-/issues/596
  organisation TEXT NOT NULL,
  -- what repo manages the source code that this Advisory was produced
  -- for?
  --
  -- See also: https://dmd.tanna.dev/concepts/repo-key/#repo
  --
  -- Foreign keys:
  -- - `renovate.repo`
  --
  -- TODO: restore SBOM support
  -- https://gitlab.com/tanna.dev/dependency-management-data/-/issues/596
  repo TEXT NOT NULL,

  -- what package is this Advisory for?
  --
  -- Foreign keys:
  -- - `renovate.package_name`
  -- - `sboms.package_name`
  package_name TEXT NOT NULL,
  -- version indicates the version of `package_name` that this Advisory
  -- is for.
  --
  -- NOTE this could be a version constraint, such as any of:
  --
  --   <=1.3.4,>=1.3.0
  --   "~> 0.9"
  --   latest
  --   ^2.0.6
  --   =1.0.4
  --
  -- As well as a specific value, such as:
  --
  --   1.0.4
  --   10
  --   latest
  --
  -- This versioning will be implementation-specific for the `package_manager` in use.
  --
  -- Foreign keys:
  -- - `renovate.version`
  -- - `sboms.version`
  version TEXT NOT NULL,
  -- current_version defines the current version that this package's `version`
  -- resolves to.
  --
  -- If the `version` is an exact version number, such as `1.0.4`, then
  -- `current_version` will usually be the same value, `1.0.4`.
  --
  -- If the `version` is a version constraint, then this column MAY indicate
  -- the exact version that was resolved at the time of dependency analysis.
  --
  -- Foreign keys:
  -- - `renovate.current_version`
  -- - `sboms.current_version`
  current_version TEXT,
  -- package_manager indicates the package manager that the Advisory
  -- will correspond to.
  --
  -- Based on which datasource(s) (https://dmd.tanna.dev/concepts/datasource/)
  -- you are using, this will be a different value:
  --
  -- - for Renovate data, must exactly match `renovate.package_manager`.
  --   Note that there may be multiple `package_managers`, for instance `maven`
  --   and `gradle`, which would require two rows.
  -- - for Software Bill of Materials (SBOM) data, must exactly match `sboms.package_type`
  --
  -- If you are using multiple datasources, you will have one row per
  -- `package_manager` that this Advisory matches.
  --
  -- Foreign keys:
  -- - `renovate.package_manager`
  -- - `sboms.package_type`
  package_manager TEXT NOT NULL,
  -- package_file_path defines the path within `repo` that defines the
  -- `package_name` as a dependency. For example:
  --
  --   .github/workflows/build.yml
  --   go.mod
  --   build/Dockerfile
  --
  -- NOTE that this may be empty
  -- (https://gitlab.com/tanna.dev/dependency-management-data/-/issues/396)
  --
  -- Foreign keys:
  -- - `renovate.package_file_path`
  -- - `sboms` does not have this field
  package_file_path TEXT NOT NULL,
  -- dep_types defines the different dependency types that may be in use. This
  -- will always be a JSON array, with 0 or more string elements. For example:
  --
  --   []
  --   ["action"]
  --   ["dependencies","lockfile"]
  --   ["dependencies","missing-data"]
  --   ["lockfile","lockfile-yarn-pinning-^21.1.1"]
  --   ["engines"]
  --
  -- Based on which datasource(s) (https://dmd.tanna.dev/concepts/datasource/)
  -- you are using, this will have different values and meanings.
  --
  -- TODO Querying this column will be found documented in
  -- https://gitlab.com/tanna.dev/dependency-management-data/-/issues/288
  --
  -- NOTE that in the future these there will be a more consistent naming
  -- structure for these
  -- (https://gitlab.com/tanna.dev/dependency-management-data/-/issues/379)
  --
  -- Foreign keys:
  -- - `renovate.package_file_path`
  -- - `sboms` does not have this field
  dep_types TEXT NOT NULL,

  -- level defines the severity of the Advisory. This will be
  -- organisation-specific in terms of what you deem most critical, but an
  -- example of what this could look like is:
  --
  --   ERROR: "Use of AGPL-3.0 licensed dependencies anywhere is a high-severity"
  --   WARN:  "Using a dependency that hasn't been updated in 1 year should be avoided"
  level TEXT NOT NULL
    CHECK (
      level IN (
        'ERROR',
        'WARN'
      )
    ),
  -- advisory_type defines the type of Advisory
  -- (https://dmd.tanna.dev/concepts/advisory/) that this Advisory will
  -- flagged as.
  advisory_type TEXT NOT NULL
    CHECK (
      advisory_type IN (
        -- the dependency is deprecated, and should ideally be replaced
        'DEPRECATED',
        -- the dependency is no longer maintained
        'UNMAINTAINED',
        -- there is a security issue with this dependency
        'SECURITY',
        -- there is organisational policy that recommends awareness of the use
        -- of this dependency
        'POLICY',
        -- there is no other `advisory_type` that makes sense for this type. If
        -- you feel there should be, please raise an issue on the issue tracker
        -- (https://gitlab.com/tanna.dev/dependency-management-data/-/issues)
        'OTHER'
      )
    ),
  -- description is a human-readable explanation of why this advisory is being
  -- flagged. The contents will be shown verbatim to a user, and will not be
  -- interpreted as markup. This can be as long and detailed as you wish, and
  -- is recommended to include links to (internal) documentation around the
  -- finding, any known remediation actions, and communication channels to
  -- reach out to for information.
  description TEXT NOT NULL,

  -- supported_until describes the date that this dependency is (actively)
  -- supported until
  --
  -- NOTE: that this is only relevant for `UNMAINTAINED` or `DEPRECATED` advisories
  supported_until TEXT,
  -- eol_from describes the date that this dependency will be marked as End of
  -- Life, and will no longer be maintained from
  --
  -- NOTE: that this is only relevant for `UNMAINTAINED` or `DEPRECATED` advisories
  eol_from TEXT,

  UNIQUE (platform, organisation, repo, package_file_path, package_name, package_manager, dep_types, level, advisory_type, description) ON CONFLICT REPLACE
);