Report <https://www.theregister.com/2021/06/04/google_open_source_insights/> on a new service from Google where it examines millions of online source-code project repositories, and maps out their dependencies, letting you see information like licensing and security vulnerabilities. Because a vulnerability in a package you depend on could become a vulnerability in your code.