Libraries.io

Unclaimed

Monitor and search open source packages for security and maintenance insights.

Vulnerability Scanning Security Monitoring

Visit Website

FreemiumVisit Website

TL;DR - Libraries.io

Monitors over 10 million open source packages across 32 package managers.
Provides free access to basic package metadata, license, and dependency insights.
Offers a paid Tidelift Subscription for validated, curated data and advanced security features.

Pricing: Free plan available

Best for: Growing teams

Pros & Cons

Pros

Free to use for basic package information
Covers a vast number of open source packages and package managers
Useful for initial discovery and exploration of open source projects
Provides basic insights into package metadata and licenses

Cons

Data is scraped from the internet and not validated for accuracy
Limited insights compared to paid alternatives
Does not include vulnerability insights or maintenance status

Key Features

Search 10.5M+ open source packagesFilter by license and languageExplore new, trending, or popular packagesAPI access (limited and rate restricted)Monitors 32 different package managers

Pricing Plans

Libraries.io

Free

Read from package and source repository metadata, not validated for accuracy
Limited insights only, not validated for accuracy
Limited and rate restricted API access

The Tidelift Subscription

Extensive and human-validated for accuracy package metadata
Paying maintainers to implement secure development practices and provide attestations
Extensive data about practices and attestations made available only to customers
Analyzed, and manually validated for accuracy license data, also including normalized SPDX expression
Extensive and human-validated for accuracy dependency insights, and including dependency graph relationships
CVE data ingested from multiple sources and mapped to specific versions, plus maintainer CVE reviews for impact, workarounds, and false positive identification
Extensive and human-validated for accuracy maintenance status, including deprecation, end-of-life, and package rename insights
Extensive and human-validated for accuracy release and usage recommendations
Robust set of APIs, enterprise support and SLA, and rate customizable
Package assessment SLAs included with Tidelift Subscription

View full pricing

About Libraries.io

By Toolradar Team·Updated Feb 23, 2026

Libraries.io is a free service that aggregates publicly available information on over 10 million open source packages across 32 different package managers. It allows users to search for packages by license, language, or explore new, trending, or popular packages. The platform provides basic package metadata, license data, and limited dependency insights by scraping data from the internet. While Libraries.io offers a broad overview of the open source ecosystem, its data is not validated or curated for accuracy. For users requiring more complete, accurate, and human-validated data for critical decisions regarding open source usage and management, the Tidelift Subscription is offered as a paid alternative. The Tidelift Subscription provides deeper insights, including vulnerability data, maintenance status, and secure development practice attestations, backed by paid maintainer partners. This tool is ideal for developers, researchers, and organizations looking for a quick, free way to discover and get basic information about open source packages. However, for enterprise-grade security, compliance, and risk management, the Tidelift Subscription offers a more robust solution with curated data and additional features.

How we evaluate tools →Source: libraries.io

Reviews

No reviews yet. Be the first to review Libraries.io!

Write a Review

Best Libraries.io Alternatives

Top alternatives based on features, pricing, and user needs.

VeracodePaid

Application security testing platform

CheckmarxPaid

Application security testing platform

GrypeFree

Vulnerability scanner for container images

See all Vulnerability Scanning tools →

Explore More

Best Vulnerability Scanning Tools Best Security Monitoring Tools

Libraries.io FAQ

What is Libraries.io?

Libraries.io is a free service that collects publicly available open source package information by scraping data from the internet. It allows users to search and explore over 10 million open source packages across various package managers.

How much does Libraries.io cost?

Libraries.io is a free service. However, a more comprehensive and accurate data offering is available through the paid Tidelift Subscription.

Is Libraries.io free?

Yes, Libraries.io is a free service. There is also a paid offering, the Tidelift Subscription, for more complete and validated data.

Who is Libraries.io for?

Libraries.io is for anyone looking to discover and get basic information about open source packages, including developers, researchers, and organizations. For those needing validated, curated data for critical decisions, the Tidelift Subscription is recommended.

Source: libraries.io