Package Maintenance Status in Mend SCA
Overview
Mend.io will provide additional insight into the maintenance status of package versions by marking them as Deprecated or Maintained, so you can decide whether it is safe to upgrade or downgrade a vulnerable package to that version.
This information is available to you via the Mend Platform user interface or your Repository Integration, using Renovate.
Scope
Supported Ecosystems
Package Manager | Registry | Status |
---|---|---|
npm | Supported |
* Note: As of June 2024, only npm packages are supported; packages from any ecosystem other than npm will show up as “Maintained”.
Statuses
Maintained - the package in question has not been marked as deprecated by a maintainer.
Deprecated - the package in question has been officially deprecated in the registry.
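The following added example (not Mend.io's implementation, and not code from this page) shows how the two statuses map onto npm registry metadata, where a deprecated version carries a `deprecated` message string. The sample package data and the function names `maintenanceStatus`, `compareVersions` and `maintainedUpgradeTargets` are constructed for illustration.

```javascript
// Constructed sample of npm registry package metadata (a "packument"),
// trimmed to the fields used here. Package name and versions are made up.
const samplePackument = {
  name: "example-lib",
  versions: {
    "1.0.0": { version: "1.0.0", deprecated: "Critical bug, upgrade to 1.2.x" },
    "1.1.0": { version: "1.1.0", deprecated: "" }, // empty message: deprecation withdrawn
    "1.2.0": { version: "1.2.0" },                 // never deprecated
    "2.0.0": { version: "2.0.0", deprecated: "2.x line abandoned" },
  },
};

// Map one version entry to the two statuses defined above.
function maintenanceStatus(ecosystem, versionMeta) {
  // Per the note above, ecosystems other than npm always show as Maintained.
  if (ecosystem !== "npm") return "Maintained";
  // Any non-empty deprecation message counts; a missing or empty one does not.
  return versionMeta && versionMeta.deprecated ? "Deprecated" : "Maintained";
}

// Numeric compare for plain x.y.z versions (pre-release tags are not handled).
function compareVersions(a, b) {
  const pa = a.split(".").map(Number);
  const pb = b.split(".").map(Number);
  for (let i = 0; i < 3; i++) {
    if (pa[i] !== pb[i]) return pa[i] - pb[i];
  }
  return 0;
}

// Versions newer than `current` that are not deprecated, oldest first:
// the candidates worth considering when upgrading a vulnerable package.
function maintainedUpgradeTargets(packument, current) {
  return Object.keys(packument.versions)
    .filter((v) => compareVersions(v, current) > 0)
    .filter((v) => maintenanceStatus("npm", packument.versions[v]) === "Maintained")
    .sort(compareVersions);
}
```

Deprecation is recorded per version, so a newer release (2.0.0 in the sample) can be Deprecated while an older one is still Maintained.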
Getting it done
Mend Platform UI
Information about the maintenance status of packages will be displayed in the package’s Library Info section in the Mend Platform user interface.
To reach it, navigate to your application, or to a project within the application. Then select a library and, on the library page, select ‘Library Info’ from the left pane.
Repository Integrations
The package maintenance status is also available in Mend.io’s repository integrations, for customers employing Renovate.
More information about warnings for deprecated dependencies in Renovate can be found here.