This API is operated by pkgdrift, a sole proprietorship. The operator is not incorporated and is not a registered legal entity in any jurisdiction.
THE SERVICE IS PROVIDED "AS IS" AND "AS AVAILABLE" WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, ACCURACY, OR NON-INFRINGEMENT.
IN NO EVENT SHALL THE OPERATOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING BUT NOT LIMITED TO LOSS OF DATA, LOSS OF REVENUE, OR BUSINESS INTERRUPTION) ARISING OUT OF YOUR USE OF OR INABILITY TO USE THE SERVICE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
Package vulnerability and drift data is derived from public sources and processed by automated systems. The operator makes no representation that the data is complete, accurate, or up to date. Do not rely solely on this data for security-critical decisions. Always verify findings with authoritative sources (NVD, package registries, CVE databases).
You assume all risk associated with your use of this API. The operator accepts no responsibility for security incidents, compliance failures, or decisions made based on data returned by this service.
Access is subject to rate limits by subscription tier. Exceeding limits results in request rejection (HTTP 429). The operator reserves the right to modify, suspend, or terminate access at any time without notice.