Depx — npm Dependency Analysis

Depx is a free tool for analysing npm packages before you install them. Enter any package name to see its full dependency tree — both direct and transitive — along with accumulative lines of code, release date, and popularity score.

Features

Dependency analysis — see exactly how many packages come along when you install something, including deeply nested transitive dependencies
Lines of code — see the total lines of code across all dependencies in the tree
Release date and popularity — quickly assess if a package is maintained and widely used
README badge generator — generate an embeddable badge for any npm package showing its dependency count, so maintainers can display how lean their package is

Why does this matter?

The average npm package has 45 of its own dependencies. Some have hundreds. If any single package in that chain is compromised, malware can be injected and secrets can be stolen. The most effective defence is to choose dependencies carefully and keep your supply chain small. Depx makes that check fast and convenient.

Who is Depx for?

Depx is for JavaScript and Node.js developers who want to make informed decisions before adding a dependency, and for package maintainers who want to show users how lean their library is.

Visit depx.co to analyse a package or generate a badge.