Due Diligence & Software

Dependency Analysis

The process of identifying and evaluating all third-party software components a codebase relies on -- direct dependencies you chose to include, plus transitive dependencies pulled in automatically. A typical modern application has hundreds or thousands of dependencies. Dependency analysis answers: what are we actually running, who maintains it, what's the license, and are there known vulnerabilities?
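The walk below is an added example, not code from the page: starting from a manifest's direct dependencies it resolves the transitive closure through a lockfile, records the path by which each package was pulled in, and flags packages with a known advisory or a license outside policy. The lockfile, advisory list and license allowlist are constructed samples; a real run would read package-lock.json, Cargo.lock or similar and query an advisory database.

```python
"""Direct vs transitive dependency analysis over a constructed lockfile."""
from collections import deque

# Constructed lockfile: name -> resolved version, license, and its own deps.
LOCKFILE = {
    "http-client": {"version": "4.0.2", "license": "Apache-2.0", "deps": ["tls-shim"]},
    "tls-shim":    {"version": "0.9.1", "license": "GPL-3.0",    "deps": []},
    "yaml-parse":  {"version": "1.5.0", "license": "MIT",        "deps": ["str-utils"]},
    "str-utils":   {"version": "2.8.0", "license": "MIT",        "deps": []},
}
# Constructed advisories: package -> highest affected version (inclusive).
ADVISORIES = {"yaml-parse": "1.4.0", "str-utils": "2.9.9"}
# Constructed license policy for this hypothetical project.
ALLOWED_LICENSES = {"MIT", "Apache-2.0", "BSD-2-Clause", "BSD-3-Clause"}


def parse_version(v):
    """Simple dotted-numeric compare; real semver also has pre-release tags."""
    return tuple(int(p) for p in v.split("."))


def resolve(direct):
    """BFS from the direct deps; returns {name: (depth, path)} for all packages."""
    seen = {}
    queue = deque((d, 0, (d,)) for d in direct)
    while queue:
        name, depth, path = queue.popleft()
        if name in seen:           # already reached by a shorter path
            continue
        seen[name] = (depth, path)
        for child in LOCKFILE[name]["deps"]:
            queue.append((child, depth + 1, path + (child,)))
    return seen


def analyze(direct):
    """Report direct/transitive split, vulnerable packages (with the path that
    pulled them in) and license policy violations."""
    graph = resolve(direct)
    report = {"direct": [], "transitive": [], "vulnerable": [], "license_violations": []}
    for name, (depth, path) in sorted(graph.items()):
        entry = LOCKFILE[name]
        report["direct" if depth == 0 else "transitive"].append(name)
        affected = ADVISORIES.get(name)
        if affected and parse_version(entry["version"]) <= parse_version(affected):
            report["vulnerable"].append((name, entry["version"], " -> ".join(path)))
        if entry["license"] not in ALLOWED_LICENSES:
            report["license_violations"].append((name, entry["license"]))
    return report
```

The vulnerable entry carries the import path, which is what a remediation actually needs: the fix is usually to bump the direct dependency that drags the transitive one in, not to patch the transitive package by hand.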