I built a dependency health scanner in a day. Here's what I shipped and what I cut. (opens in new tab)

A few weeks back I inherited an old Node.js project and spent half a day grepping package.json trying to figure out which libraries were still alive. npm outdated told me which versions had updates. npm audit told me about CVEs. Neither told me what I actually needed to know: which of these packages have been quietly abandoned and what the community moved to. So this past week I built one. It's called stack-rot, it's written in Python, and it's now on PyPI: pip install stack-rot. This post is...