Automic VaultAutomic Vault

brew

Install dep-tree with Homebrew, Nix

Tool for visualizing dependencies between files and enforcing dependency rules. Version 0.23.4 via Homebrew; verified from local package data.

install

Additional install commands

macOS

Homebrewverified · 100%
brew install dep-tree

local Homebrew formula metadata

Linux

Nixverified · 92%
nix profile install nixpkgs#dep-tree

nixpkgs package indexes · pkgs/by-name/de/dep-tree/package.nix · source: api.github.com

overview

Package summary

Tool for visualizing dependencies between files and enforcing dependency rules

Commands and aliases

  • dep-tree

history

Project history and usage

dep-tree is a CLI for visualizing file dependency graphs and enforcing dependency rules. It renders codebase structure as a tree or 3D force-directed graph and can fail CI when imports violate rules in .dep-tree.yml.

Project history

The official repository was created in December 2022. Its README presents dep-tree as a tool for visualizing codebase entropy and keeping modules decoupled by analyzing local file imports from one or more entrypoints.

The project grew around a few focused commands: entropy for browser-based 3D graphs, tree for terminal exploration, explain for showing dependencies between glob-selected areas, and check for enforcing allow or deny rules.

Adoption history

dep-tree is distributed through Homebrew on macOS and Linux, plus pip and npm for broader platform access. That multi-channel packaging fits the tool's audience: teams may want the same architecture check available in local shells, Python-heavy repos, JavaScript-heavy repos, and CI.

The GitHub release feed shows active 0.23.x releases through March 2025, and the README links generated graphs for well-known projects across TypeScript, Python, Rust, and Go.

How it is used

Users point dep-tree at one or more entry files to build a local dependency graph. dep-tree entropy opens a browser visualization, dep-tree tree shows a navigable terminal tree, and dep-tree explain reports whether files matching one glob depend on files matching another.

For CI, dep-tree check reads .dep-tree.yml and verifies allow, deny, and circular-dependency rules. That makes it a lightweight architecture-linting tool rather than only a visualization toy.

Why package nerds care

dep-tree is notable because it packages architecture boundaries as a small CLI instead of a platform-specific IDE feature. That makes dependency hygiene scriptable in package test phases and CI jobs.

It also shows a modern packaging pattern: one upstream tool ships through brew, pip, and npm so different ecosystems can install the same executable in the way their automation already understands.

Timeline

  • 2022: The gabotechs/dep-tree repository is created on GitHub.
  • 2024: dep-tree v0.23.0 is released.
  • 2025: dep-tree v0.23.4 is released.

Related projects

  • Graph visualization tools and force-directed layouts are related to dep-tree's entropy view.
  • Import linters and architecture-test tools are related to dep-tree check.
  • Language parsers for JavaScript, TypeScript, Python, Rust, and Go are part of the supported-language story documented by the README.

security posture

Risk level: green

narrow executable package without higher-risk signals.

Risk classifier

green risk · low confidence · appliance

Why

  • narrow executable package without higher-risk signals

Signals

  • metadata:no-higher-risk-signals

Install behavior

  • No Homebrew post-install hook is recorded in formula metadata.
  • Homebrew bottle metadata is available for 8 platform targets.
  • Build metadata lists 1 build dependencies.

Recommended review

Before unattended agent use, check whether the tool reads plaintext credentials, writes remote state, publishes artifacts, or shells out to plugins.

local files

Configuration and credential file locations

These source-backed paths show where this package keeps local settings or durable credentials. Automic Vault can use them as review targets for secret scanning, migration, and command approval.

Configuration files

Config paths the tool may read or write during local use.

Unix
.dep-tree.yml

executables

Installed executables

CommandKindExposureNote
dep-treecliglobal executable

freshness

Version and freshness

These signals separate page generation age, package-manager activity, and upstream release comparison. Version lag is warned only when an evidence URL and comparable versions are present.

page generated2026-07-08
manager version0.23.4
manager updated
local dataok
upstreamcurrent
latest detectedv0.23.4

https://github.com/gabotechs/dep-tree

  • infoNo package-manager update timestamp was available.low confidence

install metadata

Package metadata

Package keybrew:dep-tree
Version0.23.4
Package managerHomebrew
Package manager pagehttps://formulae.brew.sh/formula/dep-tree
Homepagehttps://github.com/gabotechs/dep-tree
Repositoryhttps://github.com/gabotechs/dep-tree
Upstream docshttps://github.com/gabotechs/dep-tree#readme
LicenseMIT
Source archivehttps://github.com/gabotechs/dep-tree/archive/refs/tags/v0.23.4.tar.gz
Build dependenciesgo
Bottleavailable (on arm64_linux, arm64_sequoia, arm64_sonoma, arm64_tahoe, arm64_ventura, sonoma, ventura, x86_64_linux)
Homebrew post-installnot defined
Servicenone declared

registry facts

Source database details

Source DatabaseHomebrew formula API
Taphomebrew/core
Full Namedep-tree
Version Scheme0
Revision0
Head VersionHEAD
Bottle Stable Root URLhttps://ghcr.io/v2/homebrew/core
Deprecatedno
Disabledno
Keg Onlyno
URL Keys
  • head
  • stable

source database matches

Other package-manager records

Matches are pulled from external package-manager indexes and kept separate from local Automic Vault package links.

Nix95%

dep-tree

nix profile install nixpkgs#dep-tree
  • normalized package name match
  • Matched by: Dep Tree
nixpkgs package indexes · api.github.com · nixpkgs package indexes: pkgs/by-name/de/dep-tree/package.nix from https://api.github.com/repos/NixOS/nixpkgs/git/trees/master?recursive=1

source trail

Generated from repository data

This page is generated by av-web from the private package SQLite artifact built by scripts/generate-pkg-sqlite.py.

Used sources

  • Geiger risk classifier
  • Nucleus package database
  • av.db category and tag curation
  • cross-ecosystem install command graph
  • curated configuration and credential file locations
  • curated package history
  • external package-manager database matches
  • package relationship graph
  • package version freshness
  • package-page enrichment