Dependency Hygiene
Outdated, deprecated, and vulnerable packages across your repositories. No LLM cost — just static analysis of your dependency tree.
2
Security Alerts
14
Outdated Packages
3
Deprecated
127
Up to Date
Dependency Alerts
2 Critical2 High
lodashSecurity
criticalCVE-2021-23337 — Command Injection in lodash
v4.17.20 → v4.17.21340 days outdatednpm
axiosSecurity
highCVE-2023-45857 — CSRF vulnerability via cookie exposure
v0.21.1 → v1.7.9890 days outdatednpm
webpackOutdated
mediumMultiple minor security patches and performance improvements
v5.75.0 → v5.97.1560 days outdatednpm
expressOutdated
lowBug fixes and minor improvements — no breaking changes
v4.18.2 → v4.21.2400 days outdatednpm
requestDeprecated
highPackage deprecated — use undici, node-fetch, or axios instead
v2.88.2 → No replacementDeprecated since 2020npm
momentDeprecated
mediumPackage in maintenance mode — migrate to dayjs, date-fns, or Temporal API
v2.29.4 → No replacementMaintenance modenpm
Dependency alerts are free on all plans. Upgrade to Pro for automatic version-bump PRs.