Skip to content

Component Lake

The Component Lake is TrustSource's global component library. It aggregates data from public package registries (npm, Maven, PyPI, etc.) and enriches it with license, vulnerability and version metadata.

What you can do

  • Search for components by name, ecosystem or identifier.
  • Inspect a component's versions, licenses, vulnerabilities and CPE entries.
  • See dependents — which of your modules use this component.
  • View metadata — maintainers, repository URL, release dates.

📸 Screenshot: the Component Lake search with a component detail panel.