Your dependencies
deserve a health check
Scan. Score. Decide. One platform to audit every package you use.
Your biggest blind spot
Complete dependency control — from risk to remediation
- Map your entire dependency surface — direct and transitiveDepTools generates a full, interactive dependency graph — direct and transitive. Instantly spot high-risk nodes and hidden exposure across your entire stack.
- Detect and remediate vulnerabilities — at scaleEvery dependency is checked against the latest security advisories. You get the severity, the scope across transitives, and clear remediation guidance — not just a list.
- Eliminate update drift before it becomes a crisisTrack how outdated your dependencies are, detect version conflicts, and understand the real maintenance burden — so your team focuses on features, not drift.
- Automated license compliance — before legal flags itEvery license is categorized and checked for compatibility. Copyleft and commercial risks are flagged automatically — and your SBOM is one click away.
Full-stack dependency intelligence
Eight specialized analyzers. One unified dashboard.
Security
- Surface CVEs across direct and transitive dependencies instantly
- Get actionable remediation paths — not just alerts
- Quantify your full attack surface, including hidden transitive risk
- Stay ahead of new advisories with continuous monitoring
Pricing
Start free. Scale as you grow. No hidden fees.
Get started with dependency analysis on public repositories.
- All features
- Up to 10 public projects
- 3-hour scan cooldown per project
Unlimited dependency analysis for open-source maintainers and organizations.
- Unlimited public projects
- Unlimited scans
- Community support
Advanced dependency analysis for private repositories, teams, and companies.
- 3 private repositories included, +$5/mo per extra
- Unlimited public projects
- Unlimited scans
- Priority commercial support
Prices shown exclude applicable taxes.
Frequently asked questions
Get clarity before you commit.
DepTools connects to your GitHub repositories and scans your manifest files (pom.xml, build.gradle, etc.) to build a complete dependency graph enriched with security metrics, version data, and ecosystem intelligence. Connect your account, click Scan, and get actionable results in minutes.
No. DepTools only reads your dependency manifest files (e.g. pom.xml, build.gradle) via the GitHub API. Your actual source code is never transmitted or stored on our servers. All analysis is performed on metadata and publicly available package information.
CVE data is refreshed continuously from the National Vulnerability Database (NVD) and multiple security advisory feeds. Ecosystem signals — such as new releases, dependent counts or GitHub stars — are refreshed weekly.
DepTools currently supports Maven Central and Google's Maven Repository, covering Java, Kotlin, and Android projects. Analysis requires manifest files (pom.xml, build.gradle, etc.). Support for npm (Node.js / JavaScript / TypeScript) and PyPI (Python) is on the roadmap — check the Integrations section for the latest status.
Yes. Reach us at support@deptools.io. Response time is prioritized based on your plan — Pro users receive faster, dedicated support.
Each repository you scan becomes a project in DepTools. For multi-module repositories, you can create one project per module. Free plan: up to 10 public projects, with one scan per project every 3 hours. Open-Source Max: no limits on public projects or scan frequency. Pro: adds support for private repositories.