{"id":34599266,"url":"https://github.com/niradler/dependency-mcp","last_synced_at":"2026-05-22T23:33:10.208Z","repository":{"id":313531492,"uuid":"1040365132","full_name":"niradler/dependency-mcp","owner":"niradler","description":"MCP server for checking package versions across multiple package managers","archived":false,"fork":false,"pushed_at":"2025-10-29T10:33:26.000Z","size":48,"stargazers_count":0,"open_issues_count":0,"forks_count":0,"subscribers_count":0,"default_branch":"master","last_synced_at":"2025-12-25T23:47:25.552Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":"TypeScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/niradler.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2025-08-18T21:37:33.000Z","updated_at":"2025-10-29T10:33:30.000Z","dependencies_parsed_at":"2025-09-06T18:35:39.873Z","dependency_job_id":"dc00eb5a-3ed1-47c1-ae51-c5b3b8c6df05","html_url":"https://github.com/niradler/dependency-mcp","commit_stats":null,"previous_names":["niradler/dependency-mcp"],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/niradler/dependency-mcp","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/niradler%2Fdependency-mcp","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/niradler%2Fdependency-mcp/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/niradler%2Fdependency-mcp/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/niradler%2Fdependency-mcp/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/niradler","download_url":"https://codeload.github.com/niradler/dependency-mcp/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/niradler%2Fdependency-mcp/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":33376135,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-05-22T21:56:13.512Z","status":"ssl_error","status_checked_at":"2026-05-22T21:56:10.769Z","response_time":265,"last_error":"SSL_read: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2025-12-24T12:07:58.197Z","updated_at":"2026-05-22T23:33:10.191Z","avatar_url":"https://github.com/niradler.png","language":"TypeScript","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Dependency MCP Server\n\nA Model Context Protocol (MCP) server for checking package versions across multiple package managers and registries.\n\n## Features\n\n- **Multi-language support**: Check packages from NPM, PyPI, Maven, NuGet, RubyGems, Crates.io, and Go modules\n- **Latest version lookup**: Get the most recent version of any package\n- **Version existence check**: Verify if a specific version exists\n- **Package information**: Get detailed package metadata including all versions\n- **Batch processing**: Check multiple packages simultaneously for improved efficiency\n- **Easy installation**: Install and run via npx\n\n## Supported Package Managers\n\n- **npm** - Node.js packages\n- **pypi** - Python packages\n- **maven** - Java packages (format: `groupId:artifactId`)\n- **nuget** - .NET packages\n- **rubygems** - Ruby gems\n- **crates** - Rust crates\n- **go** - Go modules\n\n## Installation\n\n### Global Installation\n\n```bash\nnpm install -g dependency-mcp\n```\n\n### Run with npx (no installation needed)\n\n```bash\nnpx dependency-mcp\n```\n\n### Local Development\n\n```bash\ngit clone \u003crepository\u003e\ncd dependency-mcp\nnpm install\nnpm start\n```\n\n## Usage\n\nThe server runs as an MCP server using stdio transport. It's designed to be used with MCP-compatible clients.\n\n## Available Tools\n\n### Single Package Tools\n\nUse these tools when you need to check **1-2 packages** or require **detailed information**:\n\n#### 1. `get_latest_version`\n\nGet the latest version of a package. Use for dependency updates, version checks, or when you need the most recent stable release.\n\n**Parameters:**\n\n- `package_name` (string): Name of the package\n- `registry` (string): Package registry (`npm`, `pypi`, `maven`, `nuget`, `rubygems`, `crates`, `go`)\n\n**Example:**\n\n```json\n{\n  \"package_name\": \"express\",\n  \"registry\": \"npm\"\n}\n```\n\n#### 2. `check_version_exists`\n\nCheck if a specific version exists. Use for dependency validation, CI/CD checks, or ensuring version compatibility.\n\n**Parameters:**\n\n- `package_name` (string): Name of the package\n- `version` (string): Version to check\n- `registry` (string): Package registry\n\n**Example:**\n\n```json\n{\n  \"package_name\": \"flask\",\n  \"version\": \"2.3.0\",\n  \"registry\": \"pypi\"\n}\n```\n\n#### 3. `get_package_info`\n\nGet detailed package information including all versions. Use for dependency audits, security reviews, or when you need comprehensive package metadata.\n\n**Parameters:**\n\n- `package_name` (string): Name of the package\n- `registry` (string): Package registry\n\n**Example:**\n\n```json\n{\n  \"package_name\": \"lodash\",\n  \"registry\": \"npm\"\n}\n```\n\n### Multi-Package Tools\n\nUse these tools when you need to check **3+ packages** or perform **bulk operations**:\n\n#### 4. `get_latest_versions`\n\nGet latest versions for multiple packages simultaneously. Use when checking 3+ dependencies - processes up to 100 packages in parallel.\n\n**Parameters:**\n\n- `packages` (array): Array of package names\n- `registry` (string): Package registry\n\n**Example:**\n\n```json\n{\n  \"packages\": [\"react\", \"lodash\", \"axios\"],\n  \"registry\": \"npm\"\n}\n```\n\n#### 5. `check_versions_exist`\n\nCheck if specific versions exist for multiple packages. Use for bulk dependency validation, CI/CD pipeline checks, or ensuring multiple package version compatibility.\n\n**Parameters:**\n\n- `packages` (array): Array of package objects with `package_name` and `version`\n- `registry` (string): Package registry\n\n**Example:**\n\n```json\n{\n  \"packages\": [\n    { \"package_name\": \"react\", \"version\": \"18.2.0\" },\n    { \"package_name\": \"lodash\", \"version\": \"4.17.21\" },\n    { \"package_name\": \"axios\", \"version\": \"1.6.0\" }\n  ],\n  \"registry\": \"npm\"\n}\n```\n\n#### 6. `get_packages_info`\n\nGet comprehensive package details for multiple packages. Use for dependency audits, security reviews, or bulk package analysis.\n\n**Parameters:**\n\n- `packages` (array): Array of package names\n- `registry` (string): Package registry\n\n**Example:**\n\n```json\n{\n  \"packages\": [\"react\", \"lodash\", \"axios\"],\n  \"registry\": \"npm\"\n}\n```\n\n## Tool Selection Guide\n\n### When to Use Single Package Tools:\n\n- **1-2 packages** to check\n- **Detailed information** needed (versions, homepage, repository)\n- **Specific version validation** for one package\n- **Quick checks** during development\n\n### When to Use Multi-Package Tools:\n\n- **3+ packages** to check\n- **Bulk dependency validation**\n- **CI/CD pipeline checks**\n- **Dependency audits** or security reviews\n- **Performance-critical** scenarios with multiple packages\n\n### Performance Notes:\n\n- **Single package tools**: Faster for 1-2 packages\n- **Multi-package tools**: 3-5x faster for 5+ packages due to parallel processing\n- **Error isolation**: Failed packages don't break the entire batch\n- **Batch limits**: Maximum 100 packages per request\n\n## Batch Processing\n\nThe multi-package tools provide significant performance improvements when checking multiple packages:\n\n### Benefits\n\n- **Eliminates round-trip delays**: Check up to 100 packages in a single request\n- **Consistent error handling**: Individual package failures don't break the entire batch\n- **Parallel processing**: All packages are checked concurrently for maximum efficiency\n- **Reduced API overhead**: Fewer HTTP requests to external registries\n\n### Limitations\n\n- **Maximum batch size**: 100 packages per request\n- **Rate limiting**: Built-in delays prevent overwhelming external APIs\n- **Timeout handling**: 10-second timeout per request with graceful fallback\n- **Memory usage**: Large batches may consume more memory\n\n### When to Use Batch Tools\n\n- **Dependency audits**: Check multiple packages in your project\n- **Version comparisons**: Compare versions across multiple packages\n- **Bulk updates**: Identify which packages have newer versions available\n- **CI/CD pipelines**: Validate multiple package versions simultaneously\n\n## Production Considerations\n\n### Performance\n\n- **Concurrent processing**: Multi-package tools use Promise.all for parallel execution\n- **Rate limiting**: Built-in 100ms delay between requests to external APIs\n- **Timeout handling**: 10-second timeout with graceful error handling\n- **Memory management**: Efficient processing of large batches\n\n### Reliability\n\n- **Error isolation**: Individual package failures don't affect others in the batch\n- **Network resilience**: Handles temporary network issues gracefully\n- **API fallbacks**: Graceful degradation when external APIs are unavailable\n- **Validation**: Comprehensive input validation prevents invalid requests\n- **Registry-specific handling**: Maven registry may be slower in some network environments\n\n### Security\n\n- **Input sanitization**: All inputs are validated and sanitized\n- **Rate limiting**: Prevents abuse of external APIs\n- **Error messages**: Safe error messages that don't expose internal details\n- **Timeout protection**: Prevents hanging requests\n\n### Monitoring\n\n- **Timestamps**: All responses include ISO timestamps for tracking\n- **Error tracking**: Detailed error information for debugging\n- **Performance metrics**: Built-in timeout and rate limiting tracking\n\n## Configuration with Claude Desktop\n\nAdd this to your Claude Desktop configuration file:\n\n### Windows\n\n`%APPDATA%\\Claude\\claude_desktop_config.json`\n\n### macOS\n\n`~/Library/Application Support/Claude/claude_desktop_config.json`\n\n### Linux\n\n`~/.config/claude/claude_desktop_config.json`\n\n```json\n{\n  \"mcpServers\": {\n    \"dependency-checker\": {\n      \"command\": \"npx\",\n      \"args\": [\"dependency-mcp\"]\n    }\n  }\n}\n```\n\n## Example Responses\n\n### Latest Version Response\n\n```json\n{\n  \"package\": \"express\",\n  \"registry\": \"npm\",\n  \"found\": true,\n  \"latest_version\": \"4.18.2\",\n  \"description\": \"Fast, unopinionated, minimalist web framework\"\n}\n```\n\n### Version Check Response\n\n```json\n{\n  \"package\": \"flask\",\n  \"version\": \"2.3.0\",\n  \"registry\": \"pypi\",\n  \"exists\": true\n}\n```\n\n### Package Info Response\n\n```json\n{\n  \"package\": \"lodash\",\n  \"registry\": \"npm\",\n  \"found\": true,\n  \"latest_version\": \"4.17.21\",\n  \"description\": \"Lodash modular utilities.\",\n  \"versions\": [\"4.17.21\", \"4.17.20\", \"...\"],\n  \"homepage\": \"https://lodash.com/\",\n  \"repository\": \"git+https://github.com/lodash/lodash.git\"\n}\n```\n\n## Special Format Notes\n\n### Maven\n\nMaven packages should be specified in the format `groupId:artifactId`:\n\n```json\n{\n  \"package_name\": \"org.springframework:spring-core\",\n  \"registry\": \"maven\"\n}\n```\n\n### Go Modules\n\nGo modules should use the full module path:\n\n```json\n{\n  \"package_name\": \"github.com/gorilla/mux\",\n  \"registry\": \"go\"\n}\n```\n\n## Error Handling\n\nThe server provides detailed error messages for common scenarios:\n\n- Package not found\n- Network connectivity issues\n- Invalid package name formats\n- Registry API errors\n- Rate limiting exceeded\n- Server errors (5xx responses)\n- Request timeouts\n- Input validation errors\n\n### Error Response Format\n\nAll error responses include:\n\n- `error`: Human-readable error message\n- `timestamp`: ISO timestamp of when the error occurred\n- `package`: Package name that caused the error\n- `registry`: Registry where the error occurred\n\n### Input Validation\n\nThe server validates all inputs:\n\n- Package names: Must be non-empty strings under 500 characters\n- Versions: Must be non-empty strings under 100 characters\n- Registry: Must be one of the supported registries\n- Batch size: Maximum 100 packages per request\n- Required parameters: All required fields must be present\n\n### Response Expectations\n\n#### Single Package Tools:\n\n- **Success**: Returns complete package information with `found: true`\n- **Not Found**: Returns `found: false` with error message\n- **Network Issues**: Returns error with descriptive message\n- **Always includes**: `timestamp`, `package`, `registry` fields\n\n#### Multi-Package Tools:\n\n- **Success**: Returns array of results, each with individual status\n- **Partial Success**: Some packages succeed, others fail - each has individual result\n- **Error Isolation**: Failed packages don't affect successful ones\n- **Batch Processing**: All packages processed in parallel for efficiency\n- **Consistent Format**: Each result follows same structure as single package tools\n\n## Development\n\n### Project Structure\n\n```\ndependency-mcp/\n├── src/\n│   ├── index.js          # Main MCP server\n│   └── packageChecker.js # Package registry handlers\n├── test/\n│   └── test.js          # Basic tests\n├── package.json\n└── README.md\n```\n\n### Running Tests\n\n```bash\nnpm test\n```\n\n### Debug Mode\n\n```bash\nnpm run dev\n```\n\n## License\n\nMIT\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fniradler%2Fdependency-mcp","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fniradler%2Fdependency-mcp","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fniradler%2Fdependency-mcp/lists"}