All activity
Your SCA checks for CVEs. It doesn't check whether anyone is still maintaining the software. That's a different question, and until now, no tool answered it well. We track lifecycle status across 12M+ package versions using official EOL declarations and ML-based detection of maintainer abandonment. Upload a package.json, pom.xml, requirements.txt, or any SBOM and see exactly what's still maintained and what isn't. Direct and transitive deps. Every major ecosystem. Free of charge.
EOL DatasetFind every EOL dependency in your stack. Free. In 5 minutes.
Isaac Wuestleft a comment
Last year, our engineering team ran 200+ dependency analyses by hand. Same job every time: a customer would come to us and say, "We need to know what's end-of-life in our stack." We'd dig through their dependency tree manually, cross-reference what we could find online, and deliver a report. Over 200 times we did this. And over 200 times we ran into the same problem. There is no complete source...
EOL DatasetFind every EOL dependency in your stack. Free. In 5 minutes.