At Brighton Ruby, Andrew Nesbitt shared some of the hidden costs of open source as well as some ways to mitigate. In this post I share two of the things you should check about the dependencies in your project; their security vulnerabilities and licenses.