Hey Product Hunt! 👋 I built ScanReq because I was tired of checking dependencies manually. To prove it works, I scanned repos you've probably used: - rails/rails → 89 outdated packages, 7 CVEs (5 HIGH on rack) - cli/cli (GitHub CLI) → 49 outdated, 177 Go modules parsed - veloren/veloren (Rust) → 28 outdated, 4 CVEs To verify the results weren't just noise, I manually checked every dependency on veloren (~60 packages) — going to crates.io for versions and osv.dev for CVEs one by one. It took me about 4 hours. ScanReq does it in 8 seconds. If you don't trust the results, pick any CVE ID from a scan and paste it into osv.dev. The data is all public. The free tier covers everything most developers need. Pro ($19, one-time payment) adds compatibility analysis and safe update paths for teams that need to plan upgrades carefully. Happy to answer any questions!

ScanReq

Find outdated deps and CVEs across 8 ecosystems in VS Code

Find outdated deps and CVEs across 8 ecosystems in VS Code