Is Node Dep Scope free?

Yes, Node Dep Scope is free to use.

How do I install Node Dep Scope?

Node Dep Scope is a local plugin. Install it using npm package: @florianbruniaux/dep-scope and add the generated configuration snippet to your AI app's MCP config file. Then restart your AI app.

What AI apps work with Node Dep Scope?

Node Dep Scope uses the Model Context Protocol (MCP) and works with any MCP-compatible AI app, including Claude, ChatGPT / Codex, Gemini, Copilot, Cursor, and more.

Back to Browse

Node Dep Scope MCP Server

by FlorianBruniaux

Developer ToolsLow Risk9.5MCP RegistryLocal

Free

Server data from the Official MCP Registry

Symbol-level npm dependency analysis: scan verdicts, native alternatives, migration prompts.

About

Symbol-level npm dependency analysis: scan verdicts, native alternatives, migration prompts.

Security Report

9.5

Low Risk9.5Low Risk

Valid MCP server (2 strong, 3 medium validity signals). 1 known CVE in dependencies Package registry verified. Imported from the Official MCP Registry.

13 files analyzed · 2 issues found

Security scores are indicators to help you make informed decisions, not guarantees. Always review permissions before connecting any MCP server.

Permissions Required

This plugin requests these system permissions. Most are normal for its category.

file_system

Check that this permission is expected for this type of plugin.

How to Install

Add this to your MCP configuration file:

{
  "mcpServers": {
    "io-github-florianbruniaux-dep-scope": {
      "args": [
        "-y",
        "@florianbruniaux/dep-scope",
        "@florianbruniaux/dep-scope",
        "dep-scope-mcp"
      ],
      "command": "npx"
    }
  }
}

Documentation

View on GitHub

From the project's GitHub README.

dep-scope

Symbol-level dependency analysis + LLM-ready migration prompts for TypeScript/JavaScript projects.

"Knip tells you what's unused. dep-scope tells you how you use what you keep, and generates the prompt to remove it."

When to use dep-scope

Good use cases:

Legacy project audit: Finding lodash functions that now have native equivalents
Library consolidation: Do we really need 3 icon libraries?
Migration: Generate a context-aware prompt and let Claude Code do the refactoring
Curiosity: "Which symbols from this 50KB library do we actually use?"

Not the right tool if:

You just want unused deps → use Knip instead
Your codebase is already well-maintained → dep-scope will mostly say "KEEP"

Quick Example

$ dep-scope scan

═══════════════════════════════════════════
  dep-scope Analysis Report
═══════════════════════════════════════════

Summary:
  Total dependencies: 45
  ✓ Keep:          38
  ↻ Recode Native: 3
  ✗ Remove:        2
  ⊕ Peer Dep:      4

Action Items:
  Remove (unused):
    ✗ moment
    ✗ has-flag

  Recode to native:
    ↻ lodash.debounce (1 symbol) → custom debounce function
    ↻ array-includes (1 symbol) → Array.prototype.includes
    ↻ left-pad (1 symbol) → String.prototype.padStart

How it compares

Feature	Knip	Depcheck	Moderne	dep-scope
Unused detection	✅ Excellent	✅ Good	❌	⚠️ Basic
Config file scanning	✅	✅	❌	❌
Symbol-level analysis	❌	❌	✅	✅
Native alternatives database	❌	❌	✅ (lodash)	✅ 195 packages
e18e micro-utilities coverage	❌	❌	❌	✅
Transitive graph analysis	❌	❌	❌	✅
Monorepo workspace support	⚠️	❌	❌	✅
Duplicate detection	❌	❌	❌	✅
LLM migration prompt	❌	❌	❌	✅
MCP Server (AI editors)	❌	❌	❌	✅
OSS / free	✅	✅	❌ enterprise	✅

Recommendation: Use Knip for unused detection, dep-scope for deeper analysis and migration. They work well together (dep-scope auto-detects Knip if installed).

Installation

CLI (global):

npm install -g @florianbruniaux/dep-scope

Without installation:

npx @florianbruniaux/dep-scope scan

MCP Server (AI editors — no CLI needed):

Add to your editor's MCP config and the server runs on demand via npx. See the MCP Server section below for per-editor config snippets.

From source:

git clone https://github.com/FlorianBruniaux/node-dep-scope.git
cd node-dep-scope
npm install && npm run build && npm install -g .

Quick Start

cd /path/to/your/project

dep-scope init                        # configure dep-scope for your project (interactive)
dep-scope scan                        # full scan
dep-scope scan --root                 # scan full project, including scripts/ tools/ bin/
dep-scope scan --check-duplicates     # include duplicate detection
dep-scope scan --check-transitive     # surface transitive polyfills (e18e database)
dep-scope scan --each-workspace       # monorepo: scan each package individually
dep-scope migrate                     # generate migration prompts for all candidates
dep-scope migrate lodash              # target a specific package
dep-scope report -o ./audit.md        # markdown report

Setup: `dep-scope init`

Run dep-scope init before your first scan. The wizard detects your project and generates a config in 4 questions:

dep-scope init

  Detected: Next.js project
  Found dirs: src/, scripts/, app/

? Source directories to scan:
  ● Auto-detected: src/, scripts/, app/  (recommended)
  ○ Full project root (.) — includes everything
  ○ Choose directories manually...

? Include devDependencies in scan? (y/N)
? Symbol threshold for RECODE_NATIVE verdict: (5)
? Config format:
  ● .depscoperc.json  (simple JSON, recommended)
  ○ depscope.config.ts  (TypeScript with autocomplete)

✓ Created .depscoperc.json
  Preset: react  |  Dirs: src, scripts, app  |  Threshold: 5

Use -y to skip prompts in CI: dep-scope init --yes.

Getting accurate results

Auto-detection covers: src, app, lib, pages, components, hooks, server, scripts, tools, bin, cli. If your project has code elsewhere, pass --root to scan everything, or set srcPaths explicitly in .depscoperc.json:

{
  "srcPaths": ["src", "app", "scripts", "tools"]
}

False positive "unused" verdict? The package may be used in a directory outside the scan scope (scripts/, tools/, etc.). Run dep-scope scan --root to verify before removing anything. When a removal recommendation appears with a narrow scan scope, dep-scope will warn you.

MCP Server

dep-scope exposes a Model Context Protocol server so AI editors (Claude Code, Cursor, Windsurf) can query your dependencies inline — no CLI, no markdown files, no copy-paste.

Listed on the official MCP Registry: io.github.FlorianBruniaux/dep-scope

Available tools

Tool	Params	What it does
`scan_project`	`projectPath`, `srcPaths`, `threshold`, `includeDev`, `checkDuplicates`, `checkTransitive`, `withKnip`	Full dependency scan with verdicts
`analyze_package`	`packageName`, `projectPath`, `srcPaths`	Symbol-level breakdown of one package
`get_migration_candidates`	`projectPath`	List all RECODE_NATIVE + CONSOLIDATE packages
`generate_migration_prompt`	`packageName`, `projectPath`	Generate a migration prompt inline
`find_duplicates`	`projectPath`	Detect overlapping libraries

Setup

Add the following mcpServers entry to your editor's config. The server runs on demand via npx — no global install required.

Claude Code — ~/.claude.json:

{
  "mcpServers": {
    "dep-scope": {
      "command": "npx",
      "args": ["--package=@florianbruniaux/dep-scope", "-y", "dep-scope-mcp"]
    }
  }
}

Claude Desktop — ~/Library/Application Support/Claude/claude_desktop_config.json:

{
  "mcpServers": {
    "dep-scope": {
      "command": "npx",
      "args": ["--package=@florianbruniaux/dep-scope", "-y", "dep-scope-mcp"]
    }
  }
}

Cursor — ~/.cursor/mcp.json:

{
  "mcpServers": {
    "dep-scope": {
      "command": "npx",
      "args": ["--package=@florianbruniaux/dep-scope", "-y", "dep-scope-mcp"]
    }
  }
}

Windsurf — ~/.codeium/windsurf/mcp_config.json:

{
  "mcpServers": {
    "dep-scope": {
      "command": "npx",
      "args": ["--package=@florianbruniaux/dep-scope", "-y", "dep-scope-mcp"]
    }
  }
}

Once connected, you can ask your AI editor to call scan_project or generate_migration_prompt directly mid-session without running any CLI command.

Documentation

Requirements

Node.js >= 18.0.0
TypeScript/JavaScript project with package.json

License

MIT

Reviews

No reviews yet

Be the first to review this server!

More Developer Tools MCP Servers

Git

Free

by Modelcontextprotocol · Developer Tools

Read, search, and manipulate Git repositories programmatically

Toleno

Free

by Toleno · Developer Tools

Toleno Network MCP Server — Manage your Toleno mining account with Claude AI using natural language.

mcp-creator-python

Free

by mcp-marketplace · Developer Tools

Create, build, and publish Python MCP servers to PyPI — conversationally.

MarkItDown

Free

by Microsoft · Content & Media

Convert files (PDF, Word, Excel, images, audio) to Markdown for LLM consumption

mcp-creator-typescript

Free

by mcp-marketplace · Developer Tools

Scaffold, build, and publish TypeScript MCP servers to npm — conversationally

FinAgent

Free

by mcp-marketplace · Finance

Free stock data and market news for any MCP-compatible AI assistant.

Node Dep Scope MCP Server

About

Security Report

Findings (2)

Permissions Required

How to Install

Documentation

dep-scope

When to use dep-scope

Quick Example

How it compares

Installation

Quick Start

Setup: dep-scope init

Getting accurate results

MCP Server

Available tools

Setup

Documentation

Requirements

License

Reviews

No reviews yet

More Developer Tools MCP Servers

Git

Toleno

mcp-creator-python

MarkItDown

mcp-creator-typescript

FinAgent

Node Dep Scope MCP Server

About

Security Report

Findings (2)

Permissions Required

How to Install

Documentation

dep-scope

When to use dep-scope

Quick Example

How it compares

Installation

Quick Start

Setup: dep-scope init

Getting accurate results

MCP Server

Available tools

Setup

Documentation

Requirements

License

Reviews

No reviews yet

More Developer Tools MCP Servers

Git

Toleno

mcp-creator-python

MarkItDown

mcp-creator-typescript

FinAgent

Setup: `dep-scope init`

Setup: `dep-scope init`