Dependencies

Infrastructure Dependencies

How critical infrastructure projects layer upon each other

Infrastructure Dependency Pyramid

108 projects organized by their position in the stack

Applications & Frameworks 19 projects
Angular Ansible Apache Airflow Apache Flink Apache Kafka Apache Spark Consul Django Express.js FastAPI Flask Next.js React Ruby on Rails Spring Framework Svelte Terraform Vault Vue.js
Container & Orchestration 10 projects
Argo CD Consul containerd CoreDNS Flux Helm Istio Kubernetes Moby (Docker Engine) Vault
Databases & Storage 28 projects
Apache Kafka Apache ZooKeeper Cassandra Ceph ClickHouse CockroachDB Consul Elasticsearch etcd GlusterFS Grafana InfluxDB Logstash Loki MariaDB MinIO MongoDB MySQL Neo4j PostgreSQL Prometheus Redis ScyllaDB SQLite TiDB TimescaleDB Vault Vitess
Web Servers & Proxies 9 projects
Apache HTTP Server Apache Tomcat Caddy Envoy HAProxy Nginx Squid Traefik Varnish
Languages & Runtimes 12 projects
Bun Cargo Deno Go Node.js npm PHP pip Python Ruby Rust TypeScript
System & Networking 17 projects
Apache HTTP Server BIND Caddy Certbot CoreDNS curl Envoy Git GnuPG HAProxy Let's Encrypt Nginx OpenSSH OpenSSL Squid Traefik Varnish
Foundation Libraries 8 projects
BusyBox Glibc GnuPG libjpeg-turbo libpng libsodium OpenSSL zlib
Healthy (80-100) Warning (60-79) Critical (<60)

💡 The Insight

Modern software stacks are like pyramids - wide at the top, narrow at the base. Hundreds of applications and frameworks depend on just a handful of foundation libraries.

When a foundation project like zlib has a security issue, it affects 15+ billion devices. Yet these critical projects often have just 1-3 maintainers.

"Every project eventually depends on a module maintained by someone in Nebraska who hasn't updated their website since 2003."

xkcd #2347
Explore All Projects