Dataset validation

Package Supply Chain Risk CSV Sample

A validation sample for a possible open-source package risk and dependency-change feed built from public advisory, package metadata, and open-source insight APIs. It is data infrastructure only, not a legal, license, or exploitability decision engine.

CSV /datasets/package-risk-sample.csv
observed_at,ecosystem,package_name,version,event_type,advisory_id,risk_flag,source
2026-07-02T14:15:00Z,npm,sample-package,1.4.2,new_advisory,OSV-2026-0001,vulnerability,OSV
2026-07-02T13:30:00Z,pypi,sample-framework,3.2.1,license_changed,,license_review,deps.dev
2026-07-01T18:45:00Z,maven,com.example:sample-lib,2.0.0,dependency_changed,,dependency_review,deps.dev

CSV Schema

The fields are intentionally simple so buyers can inspect the shape in spreadsheets, BI tools, and lightweight data pipelines.

Monetization Hypothesis

This sample tests dataset and report-style demand before we invest in ingestion, export automation, or marketplace onboarding.

Public Sources

The full product would normalize public records into stable datasets and API endpoints only after validation gates are met.