Dependency Freshness Checker — is your npm or PyPI dependency outdated? Latest version, deprecation & breaking-change MCP for AI agents

Dependency Freshness Checker tells any AI coding agent whether an npm or PyPI package is outdated (out of date) — and gives the cited facts to prove it: the latest version, release dates, deprecation status, how many versions behind you are, and a dated "what changed since your version" breaking-change diff. It is MCP-native, reads only public registries and GitHub releases (no scraping, no ToS risk), and is priced Pay-Per-Event for pay-as-you-go agent use.

Add it to your agent in 30 seconds

Already speak MCP? Paste this into your client (Claude Desktop, Cline, Continue, Windsurf — any stdio MCP client), add your free Apify token, and restart:

{
  "mcpServers": {
    "dependency-freshness": {
      "command": "npx",
      "args": ["-y", "dependency-freshness-mcp"],
      "env": { "APIFY_TOKEN": "apify_api_..." }
    }
  }
}

Then just ask your agent to "check dependency freshness" before any upgrade.

Per-framework copy-paste configs and one-click badges (Cursor, VS Code, Claude Desktop, Cline, Continue, Windsurf, Goose) are in docs/integrations.md. Want the agent to wire itself? It reads llms-install.md.

The hosted Actor is a paid MCP server, so it's auth-gated — every path needs your Apify token (free to get). One click installs it; you paste the token once. For a fully auth-clean path, add the Apify hub at mcp.apify.com and call the Actor by name (details in docs/integrations.md).

What does Dependency Freshness Checker do?

Give it any npm or PyPI package — optionally with the version your agent is assuming — and the Dependency Freshness Checker returns, citations-first:

• the latest published version and its release date;
• whether the package (or your assumed version) is deprecated;
• how many versions behind you are; and
• a dated, cited changeSummary[] of what changed between your version and latest.

Every field carries a source URL and access date, so an agent can trust — and quote — the result.

Why check npm & PyPI dependency freshness?

LLM coding agents are time-blind: their training is frozen, so they emit 70–90% deprecated package code. Coding agents are the largest agent population, and they all share this blind spot. The Dependency Freshness Checker fixes the frozen-training-cutoff problem at call time. It lives in the proven-demand "freshness for agents" lane but stays narrow and legally clean — it reads only public npm, PyPI, and GitHub releases — so it does not fight first-party RAG browsers or funded incumbents.

How to use the Dependency Freshness Checker

Pass a small list of packages. Defaults are kept low so a first run is cheap, fast, and succeeds:

{
  "packages": [
    { "ecosystem": "npm", "name": "zod", "currentVersion": "3.22.0" },
    { "ecosystem": "pypi", "name": "fastapi" }
  ]
}

currentVersion is optional — omit it to just ask "what's latest?". See .actor/input_schema.json for the full schema.

Output — dated, cited freshness results

Each result includes isOutdated, versionsBehind, latest + latestPublishedAt, a dated changeSummary[], and field-level citations[]. The same shape is returned by a batch run and by the MCP tool, so agents and dashboards consume one format.

Using Dependency Freshness Checker as an MCP tool for AI agents

This Actor exposes one MCP tool, check_dependency_freshness(packages). Three ways to reach it (mechanics cited in docs/research/50-mcp.md):

• A — Hosted, no setup. Every public Apify Actor is callable through Apify's hosted MCP server at https://mcp.apify.com — no extra wiring.

• B — The Actor as its own MCP server (Standby). The deployed Actor serves a Streamable-HTTP MCP endpoint at /mcp on its own stable URL:

  {
    "mcpServers": {
      "dependency-freshness": {
        "url": "https://<user>--dependency-freshness-mcp.apify.actor/mcp",
        "headers": { "Authorization": "Bearer <APIFY_TOKEN>" }
      }
    }
  }
  

• C — Local stdio (dev / MCP Inspector). Build, then point any MCP client at the compiled entrypoint:

  {
    "mcpServers": {
      "dependency-freshness": {
        "command": "node",
        "args": ["/abs/path/dependency-freshness-mcp/dist/mcp/stdio.js"],
        "env": { "GITHUB_TOKEN": "ghp_… (optional, raises GitHub rate limit)" }
      }
    }
  }
  

  Inspect locally with npx @modelcontextprotocol/inspector node dist/mcp/stdio.js.

Pricing

The Dependency Freshness Checker uses Pay-Per-Event pricing, built for pay-as-you-go agent use: a small flat fee per run start plus $0.005 per package checked ($5 / 1,000) — inside Apify's recommended $1–10 / 1,000-results band. You only pay for packages actually checked.

FAQ

Does it scrape websites? No. It reads only public registry APIs and GitHub releases — no scraping, no terms-of-service risk.

Which ecosystems are supported? npm and PyPI today.

Do I need a GitHub token? No — it is optional and only raises the GitHub rate limit for heavier batches.

Can an agent call it directly? Yes — that is the point. Use the check_dependency_freshness MCP tool (option A or B above).

Other Actors

More agent-native data Actors are on the way on the Apify Store. Follow the author profile to see new freshness-for-agents tools as they ship.