Translates a lockfile diff into a human-readable upgrade plan for npm and PyPI.
Verification confirms publisher identity (repo ownership), not code safety. The security scan covers known CVEs and suspicious install scripts — it cannot prove the absence of malicious code.
MCP server that translates a lockfile diff into a human-readable upgrade plan. Point your AI assistant (Cursor, Claude Desktop, Claude Code) at a Dependabot PR, output, or any pair of package versions, and get back a ranked upgrade plan: semver class, breaking changes pulled from GitHub release notes, CVEs fixed in the range, migration guide links, and a clear recommendation per package. One command, user scope (available in every project): Project scope (writes at repo root, team-shared): With…