Looking for an in-depth example of how this data can be used?

Check out the Case Studies!

Below you can find screencasts of the dependency-management-data CLI, dmd and some of the features built into it.

The below examples are based on the example repo on GitLab.com.

You can also check out the DMD web application which corresponds with this data at dependency-management-data-example.fly.dev.

It's recommended to have a look at the repo and have a play with the data, but an example of the different things you can do with the project can be found below.

Initialise database and import datasources

Set ownership information

Report for usages of golangci-lint which are tracked as a source dependency

Report package advisories

Includes custom advisories ("this package is deprecated", "our organisation doesn't want to use that library") as well as End-of-Life (EOL) checking

Additionally, through the report advisories command (There's a lot to display here, so it disappears pretty quickly 😅):

Report infrastructure advisories

Report license information for package dependencies

Perform a policy evaluation

Generate policy evaluations + report them

Report usages of a specific dependency

Report packages looking for financial funding

Report Libyears

For more detail on Libyears, check out the docs for dmd report libyear.

Interact with the database's internal metadata