See inside any package.
Dependencies, vulnerabilities, license & health — all in one view.
Scan direct dependencies for known CVEs using the OSV database. See which dependencies put your project at risk.
Understand what you're paying for. See tree-shaking support, module composition, and loading impact on slow connections.
Check release cadence, maintainer count, and community activity. Know if a package is actively maintained before you depend on it.
Compare with hand-picked alternatives. See how your chosen package stacks up in downloads, bundle size, and security.
Supports npm, Composer and PyPI packages.