DepHealth analyzes any public GitHub repo and gives you:
• Overall health score (0-100) based on security, drift, and lifecycle
• Prioritized action list (actively exploited CVEs ranked first via CISA KEV)
• Combined view: vulnerabilities + version drift + EOL status
Try it: https://dephealth.io (no signup, most repos analyze in under a minute)
The goal is to give you instant visibility into dependency health without manual audit work. Uses exponential decay scoring so large projects aren't unfairly penalized just for having more packages.
Technical bits:
• 8-tier prioritization system (exploited → critical → high → outdated)
• 7 ecosystems: npm/yarn/pnpm, composer, poetry/pipenv, go modules
• Built with Laravel + Vue3, Clean Architecture (DDD)
• Free for public repos
Built this over 3 months as a side project. Would love feedback on the scoring algorithm and prioritization logic—does it feel "fair" for your projects?