DigiCatalyst-Systems/dep-diff-mcp

v0.1.10 Bugfix

This release fixes issues for SREs watching stability and regressions.

Published 1mo MCP Security & Auth

View tool

✓ No known CVEs patched

Read the diff → Tool health → What is this tool? →

✓ No known CVEs patched in this version

Topics

changelog cve dependabot dependency-management mcp model-context-protocol

+4 more

npm pypi security typescript

Summary

AI summary

Fixed intermittent install snippet failures by switching to explicit package specifier.

Full changelog

Fixed

Install snippets in README, blog post, and project .mcp.json switched from bare npx -y @digicatalyst/dep-diff-mcp to the explicit npx -y -p @digicatalyst/dep-diff-mcp@latest dep-diff-mcp form. The bare form intermittently failed with dep-diff-mcp: command not found on certain npx cache states (scoped pkg, bin name resolution edge case in npm 11). Explicit -p pkg@latest binname form is reliable across cache states.

View diff on GitHub

Weekly OSS security release digest.

The CVE patches and breaking changes that affected production tools this week. One email, every Sunday.

No spam, unsubscribe anytime.

Share this release

Share on X Share on Bluesky

Track DigiCatalyst-Systems/dep-diff-mcp

Get notified when new releases ship.

About DigiCatalyst-Systems/dep-diff-mcp

Translates a lockfile diff (npm, PyPI) into a human-readable upgrade plan. Point it at a Dependabot PR and get back semver classification, breaking changes from GitHub release notes, CVEs fixed in range, migration links, and a per-package recommendation. Bulk tool ranks up to 50 changes by risk (security > caution > review > likely-safe > safe)

All releases →

DigiCatalyst-Systems/dep-diff-mcp

Summary

Fixed

Related context

Related tools