API Live Now

Know which dependencies will fail before they break your build

Predictive health scores for npm packages. Get warned about abandonment risk months before it becomes your 3am incident.

Try Live Demo View API Docs

2,500+ packages tracked

Free tier available

Try free no signup

The Problem

Dependencies are ticking time bombs

Every year, critical packages get abandoned, compromised, or sabotaged. By the time you notice, it's already breaking production.

💥

colors + faker

January 2022

Maintainer intentionally corrupted packages with infinite loops, breaking thousands of projects overnight.

25M+ weekly downloads affected

🎯

event-stream

November 2018

Maintainer handed off project to attacker who injected cryptocurrency-stealing malware.

2M+ downloads with malware

🕳️

left-pad

March 2016

11-line package was unpublished, breaking React, Babel, and thousands of builds worldwide.

Global npm outage

Live Demo

Try it now - no signup required

Enter any npm package name to see its health score and risk assessment in real-time.

Try:

REST API

Simple API, powerful insights

Get health scores for any npm package with a single API call. Scan entire projects in seconds.

api.dephealth.laranjo.dev

$ curl -H "X-API-Key: YOUR_KEY" \

https://api.dephealth.laranjo.dev/v1/packages/npm/express

{
  "package": "express",
  "ecosystem": "npm",
  "health_score": 83.5,
  "risk_level": "LOW",
  "abandonment_risk": {
    "probability": 3.5,
    "time_horizon_months": 12
  },
  "components": {
    "maintainer_health": 100,
    "evolution_health": 86.5,
    "community_health": 73.7,
    "user_centric": 69.3
  },
  "signals": {
    "weekly_downloads": 37871062,
    "stars": 68517,
    "days_since_last_commit": 0,
    "maintainer_count": 5
  }
}

Available Endpoints

GET /v1/packages/npm/{name} Get package health

POST /v1/scan Scan package.json

GET /v1/usage Check your usage

Features

Everything you need to stay safe

📊

Health Scores

Get 0-100 scores based on maintainer activity, community health, release cadence, and adoption metrics.

🔮

Predict Abandonment

Identify at-risk packages 6-12 months before problems emerge with ML-based predictions.

📦

Bulk Scanning

Scan your entire package.json in one API call. Get a complete risk breakdown instantly.

🛡️

Security Signals

Get alerted to deprecations, archived repos, and security advisories before they become blockers.

Developer Tools

Integrate anywhere in your workflow

Use the CLI for local development or the GitHub Action for CI/CD. Both connect to the same API.

CLI

@dephealth/cli

Catch risky dependencies before they ship — right from your terminal.

# Try without installing (demo mode)

npx @dephealth/cli check express

# Or install globally

npm install -g @dephealth/cli

# Scan your project (CI-friendly)

dephealth scan --fail-on HIGH

GitHub Action

Dlaranjo/dephealth

Block risky dependencies from ever reaching main. Automatic scanning on every PR.

- name: Scan dependencies
  uses: Dlaranjo/dephealth@v1
  with:
    api-key: ${{ secrets.DEPHEALTH_API_KEY }}
    fail-on: HIGH

Both tools work in demo mode (20 requests/hour) without an API key. Try the live demo above.

Start protecting your dependencies today

Get your free API key and unlock 5,000 requests per month.

Get Free API Key View on GitHub

5,000 free requests/month

No credit card required

2,500+ npm packages tracked

Want to try first? The CLI works without an API key:


npx @dephealth/cli check express

Demo mode: 20 requests/hour