Skip to content

DigiCatalyst-Systems/dep-diff-mcp

MCP Security & Auth

MCP server that converts lockfile diffs into a ranked, human‑readable upgrade plan with semver classification, breaking‑change notes, CVE fixes, and migration guidance.

Track releases GitHub
TypeScript Latest v0.1.10 · 1mo ago Security brief →

Features

  • Translates any package version diff (e.g., Dependabot PRs, npm outdated) into a structured upgrade recommendation
  • Classifies changes by SemVer level (major/minor/patch/downgrade)
  • Extracts breaking‑change notes from GitHub release pages and lists fixed CVEs via OSV.dev
  • Provides per‑package migration links and a clear risk rating (security, caution, review, safe)

Recent releases

View all 11 releases →
No immediate action
v0.1.10 Bug fix

Install snippet fix

Open
Config change
v0.1.9 Breaking risk
Auth Dependencies

Analytics Engine removal

Open
No immediate action
v0.1.7 New feature

Tool annotations + prompts

Open
No immediate action
v0.1.6 New feature

Server card JSON endpoint

Open
Review required
v0.1.5 New feature
Auth

Cloudflare Worker + deploy workflow

Open

Weekly OSS security release digest.

The CVE patches and breaking changes that affected production tools this week. One email, every Sunday.

No spam, unsubscribe anytime.

About

Stars
2
Forks
0
Languages
TypeScript JavaScript Dockerfile
Downloads/week
107 ↓87%
NPM Maintainers
1 Single npm maintainer
Contributors
1
TypeScript
Types included ✓
View on GitHub View on npm

Install & Platforms

Install via
npm

Similar tools

StacklokLabs/osv-mcp
goklab/guardvibe
UPinar/contrastapi
artmann/package-registry-mcp
arvindand/maven-tools-mcp

Beta — feedback welcome: [email protected]