Open source · MIT license

Your dependencies.
Understood.

Versio scans your package.json, surfaces CVEs, abandoned packages and breaking migrations, then gives you file-level code changes to fix them.

Analyse your project View example report
versio.app/report/my-project

24 packages

moment12
lodash56
react94
axios88
express61

24

Total

3

Critical

7

Stale

14

Healthy

moment2.29.4
Critical · 3 CVEs

Unmaintained since 2022. Replace with date-fns.

// before
- import moment from 'moment'
// after
+ import { format }from 'date-fns'

The problem

npm audit tells you there's a fire.
Not where, or how to put it out.

Versio gives you the full picture and the fix.

Before npm audit

$ npm audit
✖ high    Prototype Pollution in lodash
⚠ moderate Regular Expression DoS in moment
✖ high    Unmaintained moment
⚠ low    Deprecated API in request
✖ critical Prototype Pollution in minimist
247 packages audited
12 vulnerabilities (3 critical, 9 moderate)
…now what?

After Versio report

moment 2.29.4→ date-fns
critical
lodash 4.17.21→ native ES2024
stale
minimist 1.2.5→ yargs-parser
critical
react 18.2.0
healthy

3

Critical

7

Need update

5 files

To change

How it helps

Three layers. One answer.

Security

Know which packages are ticking time bombs.

Every dependency gets a health score built from CVEs, publish recency, download momentum, and open issue trends. No more guessing which packages need attention first.

Automation

Not the docs. Your code, your migration.

Upload your source files and Versio traces every import back to the affected lines. You get a file-level diff, not a link to a changelog.

Productivity

A to-do list, not a wall of text.

Critical CVEs at the top. Breaking changes next. Minor upgrades last. Each step ships with a ready-to-paste code snippet so you can close the tab and move on.

Workflow

From package.json to action in 30 seconds.

01

Paste or upload

Drop in a package.json, requirements.txt, or a whole GitHub URL.

02

Deep scan

Versio cross-references CVE databases, npm stats, and deprecation signals.

03

Review the report

A visual dashboard groups issues by severity with plain-English explanations.

04

Apply changes

Copy ready-made snippets or let the CLI patch your files automatically.

Open source CLI

Runs everywhere.
Installs in one line.

No account, no config file. The CLI reads your package.json, uploads nothing, and streams results back to your terminal. CI-ready from day one.

npm supportpip supportCI / CD readyMIT license
$ npx versio check
Scanning 24 dependencies…
react 18.2.0 · health 94 · 0 CVEs
lodash 4.17.21 · health 56 · 2 CVEs
moment 2.29.4 · health 12 · unmaintained
minimist 1.2.5 · health 18 · 1 critical CVE
→ 3 packages need immediate attention
→ Full report: versio.app/report/abc123
npx versio check

Stop guessing.
Start shipping.

No account required. No credit card. Paste a package.json and get answers in seconds.

Or run npx versio check directly in your terminal.