> If you want to analyze non-public repositories, sign in with your GitHub account<p>Do people really expose their or their employer's source code to random third party convenience services?<p>I do understand the convenience factor here, I just think it's dodgy to encourage developers to be so flippant with privileged access.
Interesting project, would be great if this supported more than just JS projects, I'd be very interested to see some of the dependencies that my current business relies upon.
I've been wondering whether a for-pay alternative to the open-source ecosystem could be developed.<p>The problem seems to be that open-source gratis software contributes nearly zero friction to a company building out its tech, so any alternative would have to compete against that near-zero friction. I just don't see each company negotiating separate prices with 100,000 package maintainers to use all of their software on a custom linux distro just for one of their internal servers or whatever. It's a tremendous amount of friction for each company to bear.<p>If that friction could be eliminated, while keeping a requirement to pay for use of the software, then I think a non-gratis ecosystem could dwarf the gratis software world within two or three years from its launch.
A similar tool with a focus on license compliance is fossology: <a href="https://www.fossology.org/" rel="nofollow">https://www.fossology.org/</a>
Great idea! It's nice to see an easy way to support open-source software.<p>Regarding funding open-source software: Companies I've worked for have all been OK with purchasing licenses for software that saves development time. They've also been careful to abide by software license terms. I'm surprised that more open-source libraries/frameworks don't require the purchase of a commercial license in order to use them commercially.
I think we need less "awareness" and promotion, just more work on peoples' parts. Seems these projects are asking for a magic bullet to improve their stacks but find it's missing in their own time and efforts
I tried putting in my github account on the home page just to see what would happen.<p>I didn't create an account or sign in, but it created a public profile on your domain using my name without my consent.<p>Is there any way to remove that?
This is a great tool, and going to keep tabs on it for future use. I appreciated the package.json upload for my private repos. Kudos to whoever built it!
« 56 repositories depending on 0 Open Source projects. »<p>Well, that's not true. Maybe you could indicate which package systems you actually are able to analyze?