dependency-health
Fetches changelogs and release notes from GitHub releases to provide detailed upgrade information for dependencies.
Fetches latest versions and dependency information from the npm registry to check the health of JavaScript project dependencies.
Fetches latest versions and dependency information from PyPI to check the health of Python project dependencies.
Click on "Install Server".
Wait a few minutes for the server to deploy. Once ready, it will show a "Started" state.
In the chat, type
@followed by the MCP server name and your instructions, e.g., "@dependency-healthcheck the dependency health of /home/user/project"
That's it! The server will respond to your query, and you can continue using it as needed.
Here is a step-by-step guide with screenshots.
MCP Dependency Health Checker
A Model Context Protocol (MCP) server that performs comprehensive health checks on project dependencies for JavaScript and Python projects.
Features
🔍 Automatic Ecosystem Detection: Detects whether your project is JavaScript or Python
📦 Package Manager Support:
JavaScript: npm-compatible (
package.json)Python: pip (
requirements.txt)
🔄 Real-time Registry Queries: Fetches latest versions from npm and PyPI
⚠️ Outdated Dependency Detection: Compares current versions with latest releases
🚨 Pre-release Detection: Identifies pre-release versions
📊 Detailed Status Reports: Provides comprehensive information about each dependency
🤖 LLM-First Design: Clean, text-focused output designed for optimal LLM consumption
🚀 Automatic Changelog Fetching: Fetches actual release notes from GitHub releases so LLMs can analyze specific changes, bug fixes, and breaking changes without additional web requests
📝 Always Actionable: Every dependency includes meaningful changelog content - either actual release notes or clear explanations when fetching fails
Related MCP server: MCP Package Hero
Installation
Prerequisites
Python 3.11 or higher
uv package manager
Setup
Clone the repository:
git clone https://github.com/NY5184/mcp-dependency-health.git
cd mcp-dependency-healthInstall dependencies:
uv syncUsage
Running the MCP Server
Start the server in development mode:
uv run mcp dev src/server.pyUsing with MCP Clients
Configure your MCP client (like Claude Desktop) to connect to this server:
{
"mcpServers": {
"dependency-health": {
"command": "uv",
"args": ["run", "src/server.py"],
"cwd": "/path/to/mcp-dependency-health"
}
}
}Available Tools
dependency_health_check
Performs a comprehensive health check on project dependencies.
Input:
project_path(string): Path to the project directoryecosystem(string, optional):"auto","javascript", or"python"(defaults to"auto")
Output: Returns a list of dependencies with:
name: Package namecurrent: Currently specified versionlatest: Latest version available in registrystatus:"up-to-date","outdated", or"unknown"changelog_content: Always present - contains actual release notes when successfully fetched, or an explanatory message with source link if fetching failednote: Additional information (optional)release_date: When the latest version was released (optional)description: Short package description (optional)
Example Input:
{
"project_path": "/path/to/your/project",
"ecosystem": "auto"
}Example Output:
{
"dependencies": [
{
"name": "react",
"current": "^18.0.0",
"latest": "18.2.0",
"status": "outdated",
"changelog_content": "Release v18.2.0:\n\n## Fixes\n- Fix memory leak in development mode\n- Fix Suspense bug with nested components\n- Improve TypeScript definitions\n\n## Features\n- Add useId hook\n- Suspense improvements",
"release_date": "2022-06-14T16:55:41.036Z",
"description": "React is a JavaScript library for building user interfaces."
}
]
}LLM-First Design: The output is designed for optimal LLM consumption:
✅ No URL clutter - URLs are used internally but not exposed in the output
✅ Always actionable -
changelog_contentalways contains meaningful text✅ Self-contained - LLMs can provide specific upgrade advice without additional web requests
✅ Clear fallbacks - When changelog fetching fails, the content explains what happened
Example changelog_content values:
Success: Actual release notes from GitHub
Fetch failed with source:
"Changelog available at: https://github.com/user/repo/releases\n\nThe release notes exist but could not be automatically extracted. Visit the URL above for full details."No source found:
"Changelog could not be fetched automatically. No official changelog source was found."
With this structure, an LLM can immediately provide specific advice like:
"React 18.2.0 includes bug fixes for Suspense and fixes a memory leak in development mode. Safe to upgrade."
"This release was from June 2022, so it's well-tested and stable."
Project Structure
mcp-dependency-health/
├── main.py # Entry point (if needed)
├── pyproject.toml # Project configuration and dependencies
├── uv.lock # Locked dependency versions
├── README.md # Project documentation
│
├── src/ # Main source code
│ ├── __init__.py
│ ├── server.py # MCP server implementation
│ └── services/ # Service layer
│ ├── __init__.py
│ ├── changelog_fetcher.py # Changelog content fetching
│ ├── error_handlers.py # Error handling utilities
│ └── registry_clients.py # npm/PyPI registry clients
│
├── schemas/ # Data schemas
│ ├── __init__.py
│ ├── input.py # Input validation schemas
│ └── output.py # Output data schemas
│
├── utils/ # Utility modules
│ ├── __init__.py
│ ├── file_finder.py # Project file discovery
│ ├── parsers.py # Dependency file parsers
│ └── versions.py # Version comparison utilities
│
└── tests/ # Test suite
├── test_file_finder.py
├── test_parsers_js.py
├── test_parsers_py.py
├── test_registry_clients.py
├── test_server_sanity.py
└── test_versions.pyDevelopment
Running Tests
uv run pytestCode Structure
FastMCP Framework: Uses FastMCP for easy MCP server creation
Async Operations: Leverages
httpxfor efficient async HTTP requestsType Safety: Full type hints with Pydantic models
Version Parsing: Uses
packaginglibrary for semantic version comparison
Dependencies
fastmcpormcp>=1.25.0: MCP server frameworkhttpx>=0.28.1: Async HTTP clientpydantic>=2.12.5: Data validationpackaging>=25.0: Version parsing and comparison
How It Works
File Discovery: Scans the project directory for
package.jsonorrequirements.txtEcosystem Detection: Automatically determines if it's a JavaScript or Python project
Dependency Parsing: Extracts package names and version specifications
Registry Queries: Queries npm or PyPI for the latest versions and contextual information
Changelog Fetching: Automatically fetches release notes from GitHub releases (when available)
Version Comparison: Compares current versions with latest releases
Status Report: Returns detailed information about each dependency with actual changelog content and links
Limitations
This tool has limited package manager support. It currently only supports:
Supported Package Managers
JavaScript: npm (via
package.json)Python: pip (via
requirements.txt)
Unsupported Package Managers
The following package managers are not currently supported:
Python: Poetry (
pyproject.toml), Pipenv (Pipfile), Conda (environment.yml)Rust: Cargo (
Cargo.toml)Go: Go modules (
go.mod)Java: Maven (
pom.xml), Gradle (build.gradle)PHP: Composer (
composer.json).NET: NuGet (
.csproj,packages.config)Ruby: Bundler (
Gemfile)Other: Any other package manager not listed above
When a project uses an unsupported package manager or no supported dependency file is found, the tool will return a dependency result with:
status:"unknown"A clear note explaining that the project uses an unsupported dependency manager and listing the currently supported ones
Troubleshooting
"Failed to canonicalize script path"
If you encounter this error:
Ensure you're in the project directory
Recreate the virtual environment:
uv syncTry running directly:
uv run python src/server.py
Import Errors
If you see ModuleNotFoundError:
Ensure all dependencies are installed:
uv syncCheck that you're using the correct virtual environment
License
MIT License
Contributing
Contributions are welcome! Please feel free to submit a Pull Request.
Maintenance
Resources
Unclaimed servers have limited discoverability.
Looking for Admin?
If you are the server author, to access and configure the admin panel.
Tools
Latest Blog Posts
- Your AI Chatbot Just Exposed Your CEO's Salary to an InternBy Om-Shree-0709 on .Agent IdentityMCP SecurityOAuth Delegation
- Why MCP Servers Need Execution Sandboxing (And Why Your Current Stack Isn't Enough)By Om-Shree-0709 on .Agentic AiPrompt InjectionWebAssembly
MCP directory API
We provide all the information about MCP servers via our MCP API.
curl -X GET 'https://glama.ai/api/mcp/v1/servers/NY5184/mcp-dependency-health'
If you have feedback or need assistance with the MCP directory API, please join our Discord server