Open Source Insights
Understand the structure, construction, and security of open source packages

Open Source Insights is a free service by Google that analyzes open source software packages and constructs detailed dependency graphs along with security information. It indexes major package ecosystems including npm, PyPI, Maven, Cargo, Go, NuGet, and RubyGems, as well as project hosts like GitHub and GitLab. Developers can explore packages via the website, query data through an HTTP/gRPC API, or run custom queries using a public BigQuery dataset.
The service crawls and indexes packages from multiple ecosystems, builds complete dependency graphs, correlates security advisories from OSV, and exposes the data via a website, REST/gRPC API, and BigQuery public dataset.
software developers and security researchers working with open source packages
Background.
- Status
- launched
- Business model
- free
- Company
Similar projects.
Editorial take on the space this project sits in — momentum signals, adjacent moves, our call on whether the wedge is real. Get pinged when we publish a new read or when the landscape shifts.
Have a take on this space?
Tell us what you’d build differently, where you think the incumbents miss, or what we’ve gotten wrong about this project. Comments + reactions are coming soon.