Dependabot is a GitHub service that automates dependency updates in software projects by creating pull requests when new versions of dependencies are available, helping developers keep their projects secure and up-to-date.
Provides access to 5,000+ Key Performance Indicators across 264 operating areas for all Swedish municipalities and regions, enabling statistical analysis, comparisons, and trend tracking of Swedish public sector data.
Last updated
2
21
14
12
MIT
Why this server?
Analyzes Dependabot pull requests to provide human-readable upgrade plans with risk assessment, breaking changes, security fixes, and migration guidance
Translates a lockfile diff into a human-readable upgrade plan. For every dependency bump (npm or PyPI) returns semver class, breaking changes from GitHub release notes, CVEs fixed in the range, migration guide links, and a clear per-package recommendation. Bulk tool ranks up to 50 package changes in parallel by risk (security > caution > review > likely-safe > safe).
Last updated
2
123
1
MIT
Why this server?
Surfaces security alerts and CVE warnings by integrating with Dependabot and the GitHub Advisory Database.
Provides crowdsourced package intelligence and security alerts for AI coding assistants by analyzing project dependencies and framework co-occurrence. It enables automated project scans, package alternative discovery, and data-driven recommendations across multiple programming ecosystems.
Last updated
10
0
MIT
Why this server?
Provides automated triage for Dependabot alerts and pull requests as part of a headless workflow for maintaining open-source repositories.
Open source contribution manager — tracks PRs across repos, discovers contributable issues, diagnoses CI failures, and drafts maintainer responses. 21 MCP tools, 5 resources, 3 prompts. Ships
as CLI, MCP server, and Claude Code plugin.
Last updated
20
9
Why this server?
Used for proactive dependency updates as part of the enterprise-grade quality measures, including OpenSSF Scorecard monitoring and Dependabot updates.
A local-first MCP server that provides AI agents with safe codebase access through file discovery, hybrid lexical-semantic search, and project introspection. It features durable local memory and semantic indexing while keeping all data and processing entirely on your local machine.
Last updated
74
44
3
MIT
Why this server?
Allows listing Dependabot alerts with severity-grouped counts.
Facilitates unified execution and result parsing for various testing frameworks, including Bats, Pytest, Flutter, Jest, and Go, through a Model Context Protocol interface.
Last updated
1
16
MIT
Why this server?
Enables querying of Dependabot alerts for GitHub repositories, providing visibility into dependency vulnerabilities
This server integrates with GitHub Advanced Security to load security alerts and bring it into your context. Supports Dependabot Security Alerts, Secret Scanning Alerts, Code Security Alerts
Last updated
3
7
5
Why this server?
Manages Dependabot security and dependency updates as part of the GitHub Security Suite, enabling automated vulnerability detection and dependency management.
Enables comprehensive GitHub workflow automation including Actions monitoring, PR management, code search, file operations, and repository management through a code-first architecture that reduces token usage by 98%.