Symbol-level npm dependency analysis: scan verdicts, native alternatives, migration prompts.
Config is the same across clients — only the file and path differ.
{
"mcpServers": {
"dep-scope": {
"args": [
"--package=@florianbruniaux/dep-scope",
"-y",
"dep-scope-mcp"
],
"command": "npx"
}
}
}Are you the author?
Add this badge to your README to show your security score and help users find safe servers.
Symbol-level dependency analysis + LLM-ready migration prompts for TypeScript/JavaScript projects.
Run this in your terminal to verify the server starts. Then let us know if it worked — your result helps other developers.
npx -y '@florianbruniaux/dep-scope' 2>&1 | head -1 && echo "✓ Server started successfully"
After testing, let us know if it worked:
Five weighted categories — click any category to see the underlying evidence.
No known CVEs.
Checked @florianbruniaux/dep-scope against OSV.dev.
Click any tool to inspect its schema.
Be the first to review
Have you used this server?
Share your experience — it helps other developers decide.
Sign in to write a review.
Others in developer-tools
A Model Context Protocol (MCP) server and CLI that provides tools for agent use when working on iOS and macOS projects.
Copy/paste detector for programming source code, supports 223 formats. AI-ready with token-efficient reporter, skill and MCP server.
XcodeBuildMCP provides tools for Xcode project management, simulator management, and app utilities.
Manage Supabase projects — databases, auth, storage, and edge functions
MCP Security Weekly
Get CVE alerts and security updates for io.github.FlorianBruniaux/dep-scope and similar servers.
Start a conversation
Ask a question, share a tip, or report an issue.
Sign in to join the discussion.
Symbol-level dependency analysis + LLM-ready migration prompts for TypeScript/JavaScript projects.
"Knip tells you what's unused. dep-scope tells you how you use what you keep, and generates the prompt to remove it."
Good use cases:
Not the right tool if:
$ dep-scope scan
═══════════════════════════════════════════
dep-scope Analysis Report
═══════════════════════════════════════════
Summary:
Total dependencies: 45
✓ Keep: 38
↻ Recode Native: 3
✗ Remove: 2
⊕ Peer Dep: 4
Action Items:
Remove (unused):
✗ moment
✗ has-flag
Recode to native:
↻ lodash.debounce (1 symbol) → custom debounce function
↻ array-includes (1 symbol) → Array.prototype.includes
↻ left-pad (1 symbol) → String.prototype.padStart
| Feature | Knip | Depcheck | Moderne | dep-scope |
|---|---|---|---|---|
| Unused detection | ✅ Excellent | ✅ Good | ❌ | ⚠️ Basic |
| Config file scanning | ✅ | ✅ | ❌ | ✅ |
| Symbol-level analysis | ❌ | ❌ | ✅ | ✅ |
| Native alternatives database | ❌ | ❌ | ✅ (lodash) | ✅ 195 packages |
| e18e micro-utilities coverage | ❌ | ❌ | ❌ | ✅ |
| Transitive graph analysis | ❌ | ❌ | ❌ | ✅ |
| Monorepo workspace support | ⚠️ | ❌ | ❌ | ✅ |
| Duplicate detection | ❌ | ❌ | ❌ | ✅ |
| LLM migration prompt | ❌ | ❌ | ❌ | ✅ |
| MCP Server (AI editors) | ❌ | ❌ | ❌ | ✅ |
| OSS / free | ✅ | ✅ | ❌ enterprise | ✅ |
Recommendation: Use Knip for unused detection, dep-scope for deeper analysis and migration. They work well together (dep-scope auto-detects Knip if installed).
CLI (global):
npm install -g @florianbruniaux/dep-scope
Without installation:
npx @florianbruniaux/dep-scope scan
MCP Server (AI editors — no CLI needed):
Add to your editor's MCP config and the server runs on demand via npx. See the MCP Server section below for per-editor config snippets.
From source:
git clone https://github.com/FlorianBruniaux/node-dep-scope.git
cd node-dep-scope
npm install && npm run build && npm install -g .
cd /path/to/your/project
dep-scope init # configure dep-scope for your project (interactive)
dep-scope scan # full scan
dep-scope scan --root # scan full project, including scripts/ tools/ bin/
dep-scope scan --check-duplicates # include duplicate detection
dep-scope scan --check-transitive # surface transitive polyfills (e18e database)
dep-scope scan --each-workspace # monorepo: scan each package individually
dep-scope migrate # generate migration prompts for all candidates
dep-scope migrate lodash # target a specific package
dep-scope report -o ./audit.md
... [View full README on GitHub](https://github.com/FlorianBruniaux/node-dep-scope#readme)