Terms of Service

Last Updated: December 15, 2025

1. Acceptance of Terms

By accessing and using DependencyDesk ("Service"), you accept and agree to be bound by the terms and provisions of this agreement. If you do not agree to these Terms of Service, please do not use the Service.

2. Service Description

DependencyDesk is a software analysis tool that connects to GitHub repositories to identify and report on software dependencies, their versions, and licenses. The Service analyzes manifest files (such as package.json, composer.json, Gemfile, and requirements.txt) to generate dependency reports.

3. Accuracy and Limitations

Best Effort Analysis: DependencyDesk will make its best effort to produce comprehensive and accurate dependency reports. However, like all software, DependencyDesk is not infallible and may contain bugs, errors, or limitations.

User Responsibility: You acknowledge and agree that you are ultimately responsible for confirming the accuracy and completeness of all dependency information reported by DependencyDesk. The Service should be used as a tool to assist in dependency analysis, not as the sole source of truth.

No Guarantee: We do not guarantee that DependencyDesk will identify all dependencies, that version numbers will be accurate in all cases, or that license information will be complete or correct. Dependencies may be missed, incorrectly identified, or incompletely analyzed due to:

  • Unsupported package managers or manifest file formats
  • Custom or proprietary dependency management systems
  • Malformed or non-standard manifest files
  • Dependencies defined in code rather than manifest files
  • Software bugs or limitations in DependencyDesk

4. GitHub Access and Repository Handling

By using DependencyDesk, you grant the Service read-only access to your selected GitHub repositories through the GitHub App integration. DependencyDesk:

  • Only requests read access to repository contents and metadata
  • Cannot and will not modify your repositories or data
  • Temporarily clones repositories for analysis purposes only
  • Does not execute any package manager commands (npm install, composer install, etc.)
  • Prompts you to delete cached repository files after analysis

You may revoke DependencyDesk's access to your repositories at any time through your GitHub organization settings.

5. Data Handling and Privacy

Temporary Storage: Repository files are cloned temporarily to our servers for analysis. You are encouraged to delete these cached files immediately after analysis is complete.

Analysis Data: Dependency analysis results, including package names, versions, and licenses, are stored in our database and remain available until you choose to delete them.

No Source Code Retention: We do not retain copies of your source code beyond the temporary analysis period. No backups of repository files are created.

6. Payment and Subscription

DependencyDesk is a paid subscription service. By subscribing, you agree to pay the applicable fees as described on our pricing page. You may cancel your subscription at any time through the Stripe billing portal.

Subscription fees are non-refundable except as required by law or as otherwise stated in these terms.

7. Disclaimer of Warranties

The Service is provided "as is" and "as available" without warranties of any kind, either express or implied, including but not limited to warranties of merchantability, fitness for a particular purpose, and non-infringement.

We do not warrant that:

  • The Service will meet your specific requirements
  • The Service will be uninterrupted, timely, secure, or error-free
  • The results obtained from using the Service will be accurate or reliable
  • Any errors in the Service will be corrected

8. Limitation of Liability

To the maximum extent permitted by applicable law, DependencyDesk and its creators shall not be liable for any indirect, incidental, special, consequential, or punitive damages, or any loss of profits or revenues, whether incurred directly or indirectly, or any loss of data, use, goodwill, or other intangible losses resulting from:

  • Your use or inability to use the Service
  • Any inaccurate, incomplete, or erroneous dependency reports
  • Any unauthorized access to or use of our servers and/or any information stored therein
  • Any bugs, viruses, or other harmful code that may be transmitted through the Service
  • Any errors or omissions in any content or for any loss or damage incurred as a result of your use of any content

In no event shall our total liability to you for all damages exceed the amount you paid to DependencyDesk in the twelve (12) months prior to the event giving rise to the liability.

9. Indemnification

You agree to indemnify, defend, and hold harmless DependencyDesk and its creators from and against any and all claims, liabilities, damages, losses, costs, expenses, or fees (including reasonable attorneys' fees) arising from your use of the Service or your violation of these Terms of Service.

10. Changes to Terms

We reserve the right to modify these Terms of Service at any time. We will notify users of any material changes by posting the new Terms of Service on this page and updating the "Last Updated" date. Your continued use of the Service after any such changes constitutes your acceptance of the new Terms of Service.

11. Governing Law

These Terms of Service shall be governed by and construed in accordance with the laws of the United States, without regard to its conflict of law provisions.

12. Contact Information

If you have any questions about these Terms of Service, please contact us at:

[email protected]

Back to Home