Dependency Drift Report
info| Dependency {{ sort_control("name") }} | Security {{ sort_control("cve-index") }} | Drift Status {{ sort_control("version-diff-index") }} | Installed {{ sort_control("installed-version") }} | Latest {{ sort_control("latest-version") }} | Releases Distance {{ sort_control("releases-lag") }} | Time Lag {{ sort_control("time-lag") }} |
|---|---|---|---|---|---|---|
|
{{ dep.package_name }}
{% if dep.is_dev_dependency %}
logo_dev
{% endif %}
|
{% if dep.cve|length > 0 %} security {{ dep.cve|length }} CVE{% if dep.cve|length > 1 %}s{% endif %} {% endif %} | {% versions_difference dep.versions_diff_index %} | {{ dep.installed_version }} | {% if dep.latest_version %} {{ dep.latest_version }} {% else %} N/A {% endif %} | {{ dep.releases_lag }} | {{ dep.time_lag_days | format_highlight_days(lag_threshold_days) }} |
| No dependencies found. | ||||||
Legend
Your dependency is one or more **major versions** behind, implying accumulated breaking changes and higher remediation effort if addressed.
Behind on non-breaking feature releases; remediation is typically low-risk and can be planned opportunistically.
Missing bugfixes or security patches; remediation effort is usually minimal.
Aligned with the latest release; no remediation required at this time.
The number and type of releases between the installed version and the latest available version.
e.g., 1.0.0 to 1.0.1 is 1
patch release,
1.0.0 to 1.1.0 is 1 minor
release,
1.0.0 to 2.0.0 is 1 major
release.
The time elapsed between the installed version and the latest available release. Color indicates how far the dependency has drifted relative to configured thresholds. Green: less than {{ lag_threshold_days }} days, Orange: more than {{ lag_threshold_days }} days, Red: more than {{ lag_threshold_days * 2 }} days.