Understanding your software supply chain

  • About the dependency graph

    You can use the dependency graph to identify all your project's dependencies. The dependency graph supports a range of popular package ecosystems.

  • Exploring the dependencies of a repository

    You can use the dependency graph to see the packages your project depends on and the repositories that depend on it. In addition, you can see any vulnerabilities detected in its dependencies.

  • About dependency review

    Dependency review lets you catch vulnerable dependencies before you introduce them to your environment, and provides information on license, dependents, and age of dependencies.

Did this doc help you?Privacy policy

Help us make these docs great!

All GitHub docs are open source. See something that's wrong or unclear? Submit a pull request.

Make a contribution

Or, learn how to contribute.