dep-diff-mcp

Translates a lockfile diff into a human-readable upgrade plan for npm and PyPI. Point this MCP at a Dependabot PR, lockfile diff, or any pair of package versions and get back a ranked upgrade plan. For every dependency bump it returns semver classification, breaking changes extracted from GitHub release notes, CVEs fixed in the range (via OSV.dev), migration guide links, and a per-package recommendation. Bulk tool analyzes up to 50 package changes in parallel and ranks by risk level (security > caution > review > likely-safe > safe). Supports npm and PyPI.

Developer Tools by digicatalyst-systems ★ 1 Last commit: 2 days, 23 hours ago

GitHub npm

Links:

GitHub

Smithery

MCP 2025-11-25 Analyzed 1 hour, 48 minutes ago

◔

Limited visibility — 3/4 applicable dimensions scored

✓ Schema Quality ○ Protocol — Reliability ✓ Docs & Maintenance ✓ Security Hygiene — Schema Interpretability

A remote probe is needed for Protocol and Reliability scores.

Schema Quality

25% weight

Protocol Compliance

—

20% weight

Reliability

—

20% weight

Docs & Maintenance

15% weight

Security Hygiene

20% weight

Score History

Category Trends

30-Day Uptime

30 days ago Today

Static Analysis

Metric	Score	Rating
Schema Completeness	90	Good
Description Quality	90	Good
Documentation Coverage	55	Fair
Maintenance Pulse	75	Good
Dependency Health	75	Good
License Clarity	100	Good
Version Hygiene	90	Good

Analyzed 1 hour, 48 minutes ago

Embed Badge

Add this to your README to display your MCP Scoreboard grade:

[![MCP Score](https://www.mcpscoreboard.com/badge/3063ea67-3b0e-4b93-af1c-dabd1ae9094c.svg)](https://www.mcpscoreboard.com/server/3063ea67-3b0e-4b93-af1c-dabd1ae9094c/)