Open Source Insights

deps.dev

Understand the structure, construction, and security of open source packages

Visit
Open Source Insights screenshot
/ About /

Open Source Insights is a free service by Google that analyzes open source software packages and constructs detailed dependency graphs along with security information. It indexes major package ecosystems including npm, PyPI, Maven, Cargo, Go, NuGet, and RubyGems, as well as project hosts like GitHub and GitLab. Developers can explore packages via the website, query data through an HTTP/gRPC API, or run custom queries using a public BigQuery dataset.

/ How it works /

The service crawls and indexes packages from multiple ecosystems, builds complete dependency graphs, correlates security advisories from OSV, and exposes the data via a website, REST/gRPC API, and BigQuery public dataset.

/ Who it's for /

software developers and security researchers working with open source packages

/ More info /

Background.

Status
launched
Business model
free
Company
Google
/ Discovered patterns /

Similar projects.

Coming soonSpektrail’s read on Dev Tools

Editorial take on the space this project sits in — momentum signals, adjacent moves, our call on whether the wedge is real. Get pinged when we publish a new read or when the landscape shifts.

Coming soon

Have a take on this space?

Tell us what you’d build differently, where you think the incumbents miss, or what we’ve gotten wrong about this project. Comments + reactions are coming soon.