dbt Core Support & Health

Health Metrics

Project Health at a Glance

Live data from GitHub and PyPI, updated daily.

⭐

12.8K+2

GitHub Stars

📦

v1.11.10

Latest Release · Yesterday

🔄

10d

Avg. Release Cadence

🐛

819

Open Issues

📅

Yesterday

Last Commit

🔒

Active CVEs

Data last fetched: 2026-05-15

Security

Known Vulnerabilities

5 active CVEs reported via OSV.dev

GHSA-j4g3-3q8x-jxqp CVSS_V3

dbt-core's secret env vars written to package-lock.json in plaintext

Published: 2023-12-08 Fixed in: 1.7.3

GHSA-p3f3-5ccg-83xq CVSS_V3

dbt has an implicit override for built-in materializations from installed packages

Published: 2024-07-17 Fixed in: 1.6.14

GHSA-p72q-h37j-3hq7 CVSS_V3

dbt uses a SQLparse version with a high vulnerability

Published: 2024-04-22 Fixed in: 1.6.13

GHSA-pmrx-695r-4349 CVSS_V3

dbt allows Binding to an Unrestricted IP Address via socketsocket

Published: 2024-05-28 Fixed in: 1.6.15

PYSEC-2024-66 CVSS_V3

Published: 2024-07-16 Fixed in: 3c82a0296d227cb1be295356df314c11716f4ff6

Ecosystem

Alternatives to dbt Core

Other Data Science projects in the Python ecosystem worth evaluating.

sqlmesh → dataform → apache-beam →

Get Help

Support Options for dbt Core

Enterprise Support via DepKeep

Get SLA-backed support, security patches, and direct access to senior engineers for dbt Core — without relying on volunteer maintainers.

Talk to an Expert →

Community Channels

GitHub Discussions →Slack →Stack Overflow →