DepGraph combines health forecasting, supply chain monitoring, and automated migration paths in a single platform designed for developers.
Every dependency gets a daily 0-100 health score based on six signals: maintenance activity, bus factor, issue health, download trends, dependency freshness, and known CVEs.
โ ๏ธ 3 open critical CVEs
โ ๏ธ Bus factor: 1
โณ Known vulnerabilities unfixed for 14 months.
Run npx depgraph check in any Node.js project to get an instant health report directly in your terminal. No login or configuration required.
Scans deep into your transitive graph to find hidden risks, outputting a color-coded table and a shareable web link to view the full report.
$ npx depgraph check
DepGraph v1.0 โ Scanning 247 dependencies...
Project Health Score: 71 / 100 โโโโโโโโโโ
CRITICAL (2)
Catch bad dependencies before they reach production. Our GitHub Action analyzes every Pull Request, commenting with a detailed score breakdown.
Set custom risk thresholds (e.g. fail-on: critical) to automatically block PRs that introduce unmaintained or compromised packages.
depgraph-bot commented
Overall Score: 74/100 (โ from 79)
Connect your repositories and let DepGraph monitor them 24/7. Receive weekly email digests and instant alerts if a core dependency drops into the Critical risk band.
Use the dashboard to track historical health trends over 365 days and export SBOMs (Software Bill of Materials) for compliance.
Alert: Score Drop
express dropped from 82 to 74
Critical Vulnerability
CVE-2026-1023 in lodash
Join thousands of developers catching abandonment risks before they hit production.