{"package":"syft","ecosystem":"conda","latest_version":"1.43.0","description":"CLI tool and library for generating a Software Bill of Materials from container images and filesystems","license":"Apache-2.0","license_risk":"permissive","commercial_use_notes":"Permissive: commercial closed-source use OK; preserve the copyright notice.","homepage":"https://github.com/anchore/syft","repository":"","downloads_weekly":915,"health":{"score":70,"risk":"moderate","breakdown":{"maintenance":25,"popularity":3,"security":25,"maturity":15,"community":2},"deprecated":false,"max_score":100},"vulnerabilities":{"count":0,"critical":0,"high":0,"medium":0,"low":0,"details":[]},"versions":{"latest":"1.43.0","total_count":75,"recent":["1.34.0","1.34.1","1.34.2","1.35.0","1.36.0","1.37.0","1.38.0","1.38.2","1.39.0","1.40.0","1.40.1","1.41.0","1.41.1","1.41.2","1.42.0","1.42.1","1.42.2","1.42.3","1.42.4","1.43.0"]},"metadata":{"deprecated":false,"deprecated_message":null,"maintainers_count":1,"first_published":"2023-12-20 23:13:40.750000+00:00","last_published":"2026-04-22 18:04:31.716000+00:00","dependencies_count":0,"dependencies":[]},"github_stats":null,"bundle":null,"typescript":null,"known_issues":{"bugs_count":0,"bugs_severity":{},"status_breakdown":{},"link":null,"scope":"none"},"historical_compromise":null,"recommendation":{"action":"safe_to_use","issues":[],"use_version":"1.43.0","version_hint":null,"summary":"syft@1.43.0 is safe to use (health: 70/100)"},"version_scoped":null,"requested_version":null,"_cache":"hit","_response_ms":0,"_powered_by":"depscope.dev — free package intelligence for AI agents","typosquat":{"is_suspected":false},"maintainer_trust":{"available":false},"malicious":{"is_malicious":false},"scorecard":{"available":false},"quality":{"available":false},"version_history_summary":{"total_versions":20,"first_release_age_days":860,"last_release_days_ago":6,"avg_days_between_releases":45,"release_velocity":"active"}}