veto_dep_advisor
Parses project lockfiles to detect known vulnerabilities from OSV.dev, then outputs a prioritized upgrade plan with breaking-change flags.
Instructions
Parses a package.json, requirements.txt, or Cargo.toml lockfile, queries OSV.dev (free, no API key required) for known vulnerabilities, and returns a risk-ranked upgrade plan with breaking-change flags.
Input Schema
| Name | Required | Description | Default |
|---|---|---|---|
| ecosystem | No | Package ecosystem: 'npm', 'pypi', 'cargo', or 'auto' (default). | auto |
| project_dir | Yes | Absolute path to the project directory. | |