Related
Dependency-management-data relies on various tools for producing the datasources that are used by the dmd CLI:
- renovate-graph for using Renovate's excellent support for package ecosystems to extract dependency data
- dependabot-graph for using GitHub Advanced Security's Dependabot dependency graph functionality to extract dependency data
- endoflife-checker for various types of infrastructure lookups, such as AWS Lambda and RDS
Other related discussions about dependency-management-data:
- Blog post: Quantifying your reliance on Open Source software (State of Open Con version) - an in-depth look at what dependency-management-data is, how it came to be, and some case studies for how it's been used in the past
- Video: Jamie Tanna teaches Dan Lorenc how to use dependency-management-data
- Video: Jamie Tanna speaking at State of Open Con 2024 about dependency-management-data as a ~30 minute conference talk
- Blog post: What can we learn about the backdooring of xz/liblzma, using OpenSSF Security Scorecards and dependency-management-data?
- Blog post: Introducing insight into your dependencies' health in dependency-management-data
- Video: Jamie Tanna speaking at DevOpsDays London 2023 about dependency-management-data as a 5 minute Ignite talk
- Blog post: Utilising Renovate's
localplatform to makerenovate-graphmore efficient - Blog post: Custom Advisories: the unsung hero of dependency-management-data
- Blog post: Using dependency-management-data with GitLab's Pipeline-specific CycloneDX SBOM exports
- Blog post: Using dependency-management-data with npm's SPDX and CycloneDX SBOM export functionality
Related Open Source projects in the space, who are doing somewhat similar things: