Package Maintenance Status in Mend SCA
Overview
Mend.io will provide additional insight into the maintenance status of package versions by marking them as Deprecated or Maintained, so you can decide whether it’s safe to upgrade or downgrade a vulnerable package to that version.
This information is available to you via the Mend AppSec Platform user interface or your Repository Integration, using Renovate.
Scope
Supported Ecosystems
| Package Manager | Registry | Status |
|---|---|---|
| npm | Supported |
* Note: As of June 2024, only npm packages are supported; JavaScript packages from any ecosystem other than npm will show up as “Maintained”.
Statuses
Maintained - the package in question has not been marked as deprecated by a maintainer.

Deprecated - the package in question has been officially deprecated in the registry.
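
The two statuses above, applied to npm registry metadata, as an added example that is not Mend.io's code and does not describe how Mend.io computes the status. It assumes the per-version `deprecated` message field of an npm package document as the data source; the package `example-lib`, its versions and all function names are hypothetical.

```javascript
// Constructed sample in the shape of an npm package document ("packument").
// A deprecated version carries a non-empty "deprecated" message.
const samplePackument = {
  name: "example-lib", // hypothetical package
  versions: {
    "1.4.0": { version: "1.4.0" },
    "1.4.1": { version: "1.4.1", deprecated: "Broken release, use 2.x" },
    "2.0.0": { version: "2.0.0", deprecated: "" }, // empty message: un-deprecated
    "2.1.0": { version: "2.1.0" },
  },
};

// Map one version to the page's two statuses; null when the version is unknown.
function maintenanceStatus(packument, version) {
  const meta = packument.versions && packument.versions[version];
  if (!meta) return null;
  const msg = meta.deprecated;
  const flagged = typeof msg === "string" ? msg.trim() !== "" : Boolean(msg);
  return flagged ? "Deprecated" : "Maintained";
}

// Compare plain x.y.z versions numerically (pre-release tags are out of scope).
function compareVersions(a, b) {
  const pa = a.split(".").map(Number);
  const pb = b.split(".").map(Number);
  for (let i = 0; i < 3; i++) {
    if (pa[i] !== pb[i]) return pa[i] < pb[i] ? -1 : 1;
  }
  return 0;
}

// Versions at or above the first fixed release, split by maintenance status,
// so a deprecated version is not picked as the remediation target by accident.
function upgradeCandidates(packument, firstFixed) {
  const result = { maintained: [], deprecated: [] };
  for (const v of Object.keys(packument.versions).sort(compareVersions)) {
    if (compareVersions(v, firstFixed) < 0) continue;
    const deprecated = maintenanceStatus(packument, v) === "Deprecated";
    result[deprecated ? "deprecated" : "maintained"].push(v);
  }
  return result;
}

console.log(upgradeCandidates(samplePackument, "1.4.1"));
```

Here the first fixed release `1.4.1` is itself deprecated, so the remediation targets are `2.0.0` and `2.1.0`.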

Getting it done
Mend AppSec Platform UI
For the package’s Maintenance Status (Maintained/Deprecated), expand the package’s Library Information section, as depicted below.

Repository Integrations
The package maintenance status is also available in Mend.io’s repository integrations, for customers employing Renovate.
More information about warnings for deprecated dependencies in Renovate can be found here.